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The  difference  between 
networking  and  not  working. 

Some  systems  require  you  to  reconfigure  your  network  infrastructure 
to  match  their  standards.  Not  the  IBM  BladeCenter®  with  Intel®  Xeon® 
processors.  It  offers  a  broad  range  of  networking  technologies— including 
some  of  the  most  advanced  virtualization  solutions  in  the  industry.  So 


Xeon 


Powerful. 

Intelligent. 

v  .r  J 


you  can  choose  the  one  that  works  best  with  your  infrastructure.  And 
IBM  BladeCenter  can  save  you  up  to  40%  on  networking  costs  versus 
competitive  offerings.1 


Take  10  minutes  to  see  for  yourself. 

Learn  how  you  could  achieve  a  3-month  ROI  on  your  migration 
with  our  Systems  Consolidation  Tool.  Visit  ibm.com/systems/blade 


1.  The  40%  cost  savings  are  based  on  a  comparison  of  the  acquisition  costs  of  10  current  generation  HP  rack  optimized  solutions  (La,  DL380  G7  Proliant  with 
10  GbE  Ethernet  and  Fibre  Channel  infrastructure)  to  10  current  generation  IBM  BladeCenter  and  HS22  systems  with  converged  fabric  solutions  from  Brocade. 
See  www-03.lbm.com/systems/bladecenter/hardware/opentabric/fcoe.html.  The  IBM  solution  Includes  chassis  infrastructure.  Pricing  utilizes  publicly 
available  pricing  per  port  for  Tofi  ethemet  and  FC  switching  infrastructure  as  of  Jan  2011.  The  40%  networking  hardware  costs  savings  result  from  eliminating 
separate  Ethemet  and  Fibre  Channel  cards  and  switches  in  the  deployment  of  an  IBM  BladeCenter  FCoE  solution  tor  10  servers  and  associated  networking 
hardware  in  comparison  to  the  HP  solution.  IBM.  the  IBM  logo  ibnicom  and  BladeCenter  are  trademarks  of  International  Business  Machines  Corp.  registered 
in  many  jurisdictions  worldwide  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies  A  current  list  of  IBM  trademarks  is  available 
on  the  Web  at  wwwibrncom/legal/copytradeshtml  Intel,  the  Intel  logo  Xeon  and  Xeon  inside  are  trademarks  of  Intel  Corporation  in  the  US  and  other  countries 
O  International  Business  Machines  Corporation  2011.  All  rights  reserved 
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44  New  studies  indicate  that 
IT  workloads  are  increasing 
as  more  technology  is  added  but 
staffing  levels  plateau. 
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Sick  and  Tired  of  IT 
Taking  the  Blame 

I  enjoyed  Frank  Hayes’  March  7 
column,  “Seven  IT  Lessons  from  the 
Collapse  of  Borders.”  It  was  a  great 
Monday  morning  wrap-up. 

But  I  do  take  issue  with  one  state¬ 
ment,  where  he  says  that  “no  one  in  IT 
was  able  to  convince  management  to 
reinvent  Expert.”  Expert  was  Borders’ 
inventory  management  system,  and 
Hayes  points  out  that  it  was  unable  to 
scale  as  Borders  grew. 

Why  is  IT  being  made 
the  scapegoat  once  again 
for  C-level  incompetence? 

I  think  that  Expert’s 
shortcomings  would  have 
been  pretty  obvious.  I 
can’t  imagine  that  one  needed  an  MBA 
to  see  how  the  system  (and  I’m  not  just 
talking  about  technology)  was  failing. 
Hayes  seems  to  imply  not  only  that  IT 
staff  were  the  only  ones  who  could  see 
the  problem,  but  that  IT  was  also  the 
only  one  responsible.  Really? 

If  the  fall  of  Borders  was  IT’s  fault, 
then  what  were  the  executives  respon¬ 
sible  for? 


JOIN  IN! 

You  can  comment 
directly  on  our  stories,  at 

computerworld.com. 


I’m  growing  tired  of  IT  taking  one 
for  the  team.  And  it’s  one  thing  when 
Marketing  and  other  departments 
pin  one  on  IT.  Let’s  face  it,  they’re  not 
going  to  admit  any  guilt  themselves. 
But  why  is  Frank  Hayes  reinforcing  a 
myth  and  a  stereotype? 

Mark  Simchock,  chief  alchemist. 
Alchemy  United 

iPad  'Review’ 

Lacks  Objectivity 

“Apple’s  iPad  2 
Is  the  ‘Holy  Grail’ 
of  Computing” 

[ Computerworld.com , 
March  13]  does  not 
meet  the  minimum 
standards  for  critical 
evaluation  of  a  product,  and  the 
writer  at  times  sounds  more  like  an 
apologist  for  Apple  than  an  objective 
reviewer. 

I  am  not  an  Apple-basher  at  all, 
but  I  think  that  any  product  evalua¬ 
tion  should  be  objective  and  critical. 

Seriously,  would  any  “Holy  Grail  of 
computing”  today  lack  a  USB  port? 
Mark  Pitcavage 


Find  these  stories  at  computerworld.com/more 


Do  You  Need  a 
Tablet  Policy? 

Some  IT  shops  have 
formal  enterprise 
tablet  deployment 
strategies  that 
address  everything  from  security  to  app 
delivery  and  support.  Does  yours? 
computerworld.com/s/artide/9216208 


Free  Tools  for  Data 
Visualization  and  Analysis 

Got  data?  Here  are  22  tools  that  can  turn 
it  into  informative,  engaging  graphics. 

computerworid.com/s/artide/9215504 


Hosting  Virtual 
Desktops 

We  take  an  in-depth  look  at 
what  you  need  to  know  for 
a  successful  deployment. 

computerworld.com/s/artide/9216265 


Appliances  Can 
Speed  Up  Your 
Web-Based  Apps 

BflEBfr  App  delivery  con¬ 
trollers  are  a  great  way  to 
improve  performance.  But  avoid  overbuying, 
and  carefully  consider  which  approach  to  take. 

computerworld.com/s/artjcle/9214785 
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SonicWALL  Next-Gen  Firewalls  deliver  super!  r  intrusion  prevention,  malware  protection, 
inspection  for  SSL  encrypted  sessions,  and  granular  application  intelligence  and  control.  With 
SonicWALL  Firewalls,  you  can  visualize  apps  running  across  your  network— allocating  bandwidth 
for  what's  essential  and  limiting  or  blocking  what’s  not.  Our  product  line  scales  from  the  highest-end 
enterprises  to  distributed  networks,  providing  comprehensive  application  productivity  and  security. 


Learn  more  about  SonicWALL  Next-Gen  Firewalls  including  the  TZ, 
Network  Security  Appliance,  E-Class  NSA.  and  the  new  SuperMassive " 
El  0000  Series  at 


SONIC  /ALL 


THE  ENTERPRISE 


-  20T1  SonicWALL,  Inc,  SonicWALL  and  the  SonicWALL  logo  ate1  registered, trademarks  of  SonicWALL.  Inc 


TOUGH  QUESTION  #14 


CAN  A  NEXT-GEN  FIREWALL  ENABLE 
GRANULE  APPLICATION  CONTR  >L  F<  3 
YOUR  ENTIRE  ENTERPRISE? 
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TABLETS 


Big  Pharma  Gobbles  Up  iPads  for  Sales 


in  rival  tablets  in  their  headlong  rush  to  the 
iPad,  he  said,  and  they  aren’t  waiting  for 
vendors  to  release  salesforce  automation  ap¬ 
plications  that  are  optimized  for  the  iPad. 

“Several  major  pharmaceutical  compa¬ 
nies  are  putting  the  cart  before  the  horse  by 
purchasing  iPads  in  large  quantities  prior  to 
even  owning  a  single  application  to  run  on 
the  iPad,”  Newmark  said.  “More  than  one 
company  has  told  us  they  have  already  pur¬ 
chased  iPads  in  significant  volume 
and  are  storing  them  for  later  use,” 
when  sales  apps  become  available. 

Newmark  concluded  that  “the 
skyrocketing  adoption  of  iPads  in  pharma 
sales  and  marketing”  will  put  Apple  in  a 
great  position  to  “quickly  become  a  domi¬ 
nant  hardware  vendor”  in  that  market. 

-  Mitch  Betts 
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OUTSOURCING 

Analyst:  China 
Poised  to  Grow 
In  IT  Services 

The  top  10  Chinese  outsourcing 
providers  employ  a  total  of  85,000 
people.  That  may  sound  like  a  lot, 
but  it’s  small  relative  to  the  number 
in  India,  where  one  outsourcing  firm 
alone  employs  187,000  people. 

Yet  China’s  IT  service  providers 
are  in  a  good  position  to  grow  in  the 
years  ahead,  according  to  outsourc¬ 
ing  consultancy  TPl. 

“What’s  interesting,  and  perhaps 
coincidental,  is  that  the  size  of  the 
leading  Chinese  providers  today  by 
employee  and  revenue  is  roughly 
equivalent  to  the  size  of  the  leading 
providers  in  India  a  decade  ago,” 
said  Michael  Rehkopf,  a  partner  and 
director  at  TPl. 

Rehkopf  said  he  won’t  be  sur¬ 
prised  to  see  “Chinese  service  pro¬ 
viders  take  off  quickly  and  dramati¬ 
cally  in  the  decade  ahead.” 

But  what  could  hurt  China’s 
outsourcing  growth  is  increasing 
competition  from  other  nations, 
and  intellectual  property  protection 
issues,  Rehkopf  added. 

China’s  outsourcing  industry  may 
not  focus  on  the  U.S.  market  like 
India’s  has,  predicted  John  Keppel. 
TPl’s  president.  Whereas  the  major 
Indian  IT  service  providers  count 

_  on  business  from 

U.S.  customers  for 
more  than  50% 
of  their  revenue, 
China-based  companies  have  a 
substantial  domestic  market  to  tap, 
as  well  as  the  large  economies  of 
nearby  Japan  and  Korea,  he  said. 

-  PATRICK  THIBODEAU 


PHARMACEUTICAL  sales  reps  are 

under  pressure  to  find  better  ways 
to  engage  doctors  during  sales 
visits.  Time-pressed  primary  care 
physicians  typically  give  salespeople  only  30 
seconds  per  interaction. 

Some  medical  specialists  have  more  time 
than  that  for  sales  calls,  but  sales  representa¬ 
tives  “still  struggle  with  their  ability  to  dif¬ 
ferentiate  themselves  through  clear,  concise, 
and  interactive  messaging,”  Eric  Newmark, 
an  analyst  at  IDC  Health  Insights,  said  in  a 
blog  post  last  month. 

The  pharmaceutical  industry  apparently 
has  a  solution  to  the  problem:  Buy  a  bunch 
of  Apple  iPads  to  give  salespeople  “a  quicker, 
lighter  and  more  attractive  way  of  displaying 
drug-related  information,”  Newmark  wrote. 
Most  companies  are  showing  no  interest 


4  COMPUTERWORLD  MAY  9.  2011 


ANORCV  KISELEV  /  FOTOllA 


OTHERS  TALK  AROUND  IT.  WE  DEPLOY  IT 


Brocade  is  the  only  company  delivering  Ethernet  fabric 
technology  that  enables  cloud-optimized  networks  right  now. 

Brocade  Ethernet  fabrics  deliver  a  flatter  network 
architecture  that  reduces  cost  and  complexity  while  giving 
you  greater  flexibility  to  deliver  applications  anywhere. 

When  the  Mission  Is  Critical,  the  Network  Is  Brocade.™ 

Learn  more  at  Brocade.com/Everywhere 
#EthernetFabric 


BROCADE 


r  2011  Brocade  Communications  Systems.  Inc.  All  Rights  Reserved 
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BETWEEN  THE  LINES 

By  John  Klossner 


SECURITY  MONITOR 

Phishing  Becomes  More  Sophisticated 


THE  SUCCESSFUL  use  of  phishing 
emails  to  breach  secure  organiza¬ 
tions  like  Oak  Ridge  National 
Laboratory  and  EMC’s  RSA  security 
division  is  a  stark  reminder  of  the  serious 
threat  posed  by  a  type  of  attack  that  was  previ¬ 
ously  dismissed  as  low-tech. 

The  Oak  Ridge  lab  last  month  disclosed  that 
sophisticated  data-stealing  malware  had  infil¬ 
trated  its  networks.  The  breach  originated  in  a 
phishing  email  sent  to  about  570  employees. 
The  email  was  disguised  to  look  like  a  memo 
about  benefits  changes  written  by  the  lab’s  HR 
department.  When  a  handful  of  employees 
clicked  on  the  embedded  link  in  the  email, 
malware  was  downloaded  to  their  computers. 

Such  emails  now  appear  to  be  the  preferred 
method  for  breaking  into  corporate  networks, 
said  Anup  Ghosh,  founder  of  security  firm 
Invincea. 

“You  only  need  a  very  low  click-through  rate 
to  establish  several  points  of  presence  inside 
an  organization,”  Ghosh  said.  “If  you  have 


1,000  employees  in  your  organization  and 
you  train  them  all  on  not  opening  untrusted 
attachments,  you’ll  still  have  someone  doing 
it.  This  is  not  a  problem  you  can  train  yourself 
out  of.” 

Exacerbating  the  problem  is  the  growing 
sophistication  of  phishing  campaigns. 

Organized  cybercrime  groups  are  using 
convincingly  crafted  emails  to  target  high- 
level  executives  and  employees  within  the 
organizations  they  want  to  attack.  In  many 
cases,  the  phishing  emails  are  personalized, 
localized  and  designed  to  appear  as  though 
they  originated  from  a  trusted  source. 

Increasingly,  information  from  social  net¬ 
working  sites  such  as  Linkedln  and  Facebook 
is  being  used  to  make  the  targeted  phishing 
attacks  harder  to  detect,  said  John  Pescatore, 
an  analyst  at  Gartner.  “With  all  the  personal 
information  and  friends  lists  people  expose  on 
those  sites,”  he  added,  “it  is  not  that  hard  to 
craft  a  very  personal-sounding  email.” 

-  Jaikumar  Vijayan 


The  Obama  administration 
plans  to  close 

137 

data  centers  this  year. 
The  total  floor  space  is 
equal  to  5.5  football  fields. 


MOBILE  MARKETING 

Visa,  Gap  Send 
Discount  Offers 
To  Cellphones 

Credit  card  company  Visa  and  cloth¬ 
ing  retailer  Gap  announced  last 
month  that  they’re  using  SMS  text 
messages  to  deliver  updates  about 
promotions  and  discounts  to  Gap 
customers’  mobile  phones. 

The  system,  which  uses  Visa’s 
global  processing  network,  will  be 
expanded  to  retailers  nationwide. 
Visa  said,  although  no  timeline  was 
announced. 

Gap  and  Visa  began  a  pilot  of  the 
real-time  text  message  system  in 
November.  Customers  enroll  via  a 
secure  website  and  are  sent  Gap 
offers  when  they  use  Visa  cards  to 
complete  transactions  that  meet 
certain  criteria  -  for  example,  if 
they  buy  something  at  a  store  in  a 
specified  ZIP  code.  Once  the  offers 
appear  on  their  phones,  the  cus¬ 
tomers  can  take  advantage  of  them 
by  showing  the  text  messages  to 
Gap  sales  clerks. 

Visa  said  that  high-speed  transac¬ 
tion  processing  helps  retailers  reach 
potential  customers  with  new  offers 
while  they’re  still  out  shopping. 

Amy  Carr,  director  of  customer 
relationship  management  strategy 
at  Gap.  said  the  Visa  system  has 
given  the  retailer  new  insights 
into  its  customer  base,  leading  to 
improvements  in  the  way  it  targets 
promotions  to  people. 

MATT  HAMBLEN 
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clients  recently 
upgraded. 


Since  2009,  over  1,000  clients  have  moved  business  to  IBM  Power  Systems™ 
from  Oracle/Sun.  Some  were  swayed  by  the  up  to  60%  drop  in  IT  costs.  Others 
by  the  3x  per  core  performance  (per  both  TPC-C  and  SAP  SD  benchmarks). 
And  some  by  both.  Though  all  saw  the  strong  business  case  for  moving.  We’d 
welcome  the  opportunity  to  show  how  IBM  could  help  your  organization,  too. 

ibm.com/facts 


IT  COSTS:  All  client  examples  cited  or  described  are  presented  as  illustrations  of  the  manner  in  which  some  Clients  have  used  IBM  products  and  the  results  they  may  have  achievediActuaj  ehvirotimenial  4q@ts  and  fa  y . • ;  V’  •! 
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trademark  of  SAP  AO  m  Germany  and  several  other  countries.  IBM,  the  IBM  logo,  ibm.com,  082  Power  Systems  Smarter  Planet  and  the  planet  icon  are  trademarks  of  International  Business  Machines  Corj), registeak!  liimany  •'  ■ 

woridwide.  Otter  product  and  service  names  might  he  trademarks  ol  IBM  or  other  companies.  A  current  list  of  IBM  trademarks  is  available  on  the  Web  at  wwsv.ihm.com1egat/copyiraddshtml  ©  jsirTe^' -  y.  ■  ' : ;./• 


NEWS  ANALYSIS 

Amazon  Service  Outage 
Reinforces  Cloud  Doubts 


The  incident  could  curb  business  adoption  of  hosted  application 
or  storage  services.  By  Patrick  Thibodeau  and  Jaikumar  Vijayan 


THE  PROLONGED  OUTAGE  of  Amazon.com’s  ECi  cloud 
service  late  last  month  could  set  back  adoption  of 
hosted  services  by  giving  some  companies  —  especially 
those  that  are  on  the  fence  about  migrating  to  the 
cloud  —  a  strong  argument  for  taking  it  slowly. 

For  other  organizations,  Amazon’s  problems  reinforced  an 
already-held  belief  that  cloud  services  can’t  match  an  enterprise 
IT  operation  when  it  comes  to  meeting  the  technology  needs  of 
business  or  government  entities. 

More  than  a  week  after  the  days-long  partial  outage  started 
on  April  21,  Amazon  released  a  detailed  5,700-word  postmortem 
and  mea  culpa  that  identified  the  culprit  as  a  configuration  error 
that  occurred  during  a  network  upgrade. 

“The  recent  outage  confirmed,  for  us,  that  cloud  services  are 
not  yet  ready  for  prime  time,”  said  Paul  Haugan,  CTO  for  the  city 
of  Lynnwood,  Wash.  The  city  had  been  looking  into  Amazon’s 


cloud  offerings,  he  added. 

“Cloud  services  [as  a  whole] 
need  some  more  maturing  and  a 
much  more  hardened  infrastruc¬ 
ture  and  security  model  prior  to 
our  adoption,”  Haugan  said. 

Jay  Leader,  a  senior  vice  presi¬ 
dent  and  CIO  at  iRobot,  whose 
products  include  the  Roomba 
vacuum  cleaner,  said  the  Amazon 
outage  illustrates  well  the  limita¬ 
tion  of  cloud  computing. 

“We  don’t  use  Amazon  or  any 
other  public  cloud  services,  and 
we  won’t,  perhaps  ever,  or  at  least 
until  there  is  much  more  transpar¬ 
ency  about  where  the  data  lives, 
who  controls  where  it  lives  and 
when  and  where  it  moves,  and  lots 
of  other  things,”  Leader  said. 

Analysts  noted  that  the 
Amazon  incident  further 
increased  IT  concerns  about 
application  availability  and  the 
security  of  cloud  services. 

“Obviously,  these  issues  are 
very  heightened  right  now  and 
will  continue  to  be  so  for  quite  a 
while  in  light  of  the  outage,”  said 
Gartner  analyst  Kyle  Hilgendorf. 
“Amazon  portrays  an  aura  of 
invincibility,  whether  inten¬ 
tional  or  not,  and  this  outage 
is  going  to  remind  enterprise 
customers  that  nobody  is  perfect 
and  increased  due  diligence  is 
required.” 

Hilgendorf  said  IT  managers  remain  most  concerned  about 
cloud  security  —  including  whether  user  authentication  and 
access  control  measures  are  adequate,  how  much  access  a  service 
provider  has  to  a  customer’s  systems  and  data,  and  the  potential 
for  an  accidental  release  of  protected  data. 

The  Amazon  outage  also  reinforces  the  fact  that  there’s  no  way 
to  directly  migrate  customer  data  to  another  provider,  said  Arun 
Taneja,  an  analyst  at  Taneja  Group.  If  a  service  goes  down,  the  host 
company  must  return  the  data  to  its  customer,  which  then  must 
find  another  provider  or  revert  back  to  storing  it  locally,  he  said. 

Coupled  with  recent  decisions  by  EMC,  Iron  Mountain, 

Cirtas  Systems  and  others  to  shut  down  or  scale  back  hosted 
storage  offerings,  the  Amazon  incident  could  spur  a  backlash 
against  cloud  storage  services,  even  though  they  can  offer  good 
value,  Taneja  said.  ♦ 

Lucas  Mearian  contributed  to  this  story. 


The  recent  outage  confirmed,  for  us,  that  cloud  services  are  not  yet  ready  for  prime  time. 

-  PAUL  HAUGAN,  CTO.  CITY  OF  LYNNWOOD,  WASH. 
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SAP  HELPS  PINKBERRY 
DO  WHAT  THEY  DO 
BEST,  EVEN  BETTER. 
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Frozen  yogurt  phenom  Pinkberry 
relies  on  SAP  Business  ByDesign. 
It's  an  on-demand  solution  that 
helps  them  streamline  operations, 
wow  their  fans,  and  expand  their 
empire  of  swirly  goodness.  Find 
out  more  at  sap.com/yummier 
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NEWS  ANALYSIS 


Google  Apps  Tops 
Exchange  at  Cinram 

Citing  cost  and  service  issues,  the  DVD  maker  decided 
against  upgradingfrom  Microsoft  Exchange  5.5  and 
turned  to  Google  Apps  instead.  By  Sharon  Gaudin 


CINRAM  INTERNATIONAL  is  on  the  verge  of  completing  a 
nearly  yearlong  migration  from  Microsoft  Exchange  to 
Google  Apps,  a  move  that  an  IT  executive  at  the  maker  of 
DVDs,  Blu-ray  discs  and  other  media  called  a  “no-brainer.” 
Andrew  Murrey,  vice  president  of  IT  infrastructure 
at  Cinram,  said  the  company  decided  to  switch  to  Google’s  cloud 
offering  last  year  to  avoid  the  high  price  of  upgrading  Exchange 
and  because  it  wasn’t  happy  with  Microsoft’s  customer  service. 

“[Google]  was  much  better,”  Murrey  said.  “It  was  a  night-and- 
day  difference.” 

Analysts  say  Cinram’s  move  is  the  latest  example  of  corporate 
IT’s  slow  but  steady  acceptance  of  the  productivity  suite  from 
Google,  a  vendor  long  known  primarily  for  its  search  engine. 

“Google  has  stepped  in  and  grabbed  a  foothold  in  the  enter¬ 
prise,”  said  Brad  Shimmin,  an  analyst  at  Current  Analysis.  “It’s 
been  very  impressive.” 

Microsoft,  Shimmin  said,  has  never  been  “a  high-touch” 
company,  but  the  software  vendor  may  have  to  change  its  approach 
if  Google  becomes  increasingly  popular  among  IT  managers. 


Google  has 

•f?  “  stepped  in 

and  grabbed  a  foothold 

in  the  enterprise.  It's 

been  very  impressive. 

ANALYST. 

CURRENT  ANALYSIS 

Toronto-based  Cinram  has  more 
than  10,000  employees  and  operates  20 
facilities  in  North  America  and  Europe. 

The  company  began  to  seriously 
consider  upgrading  from  Microsoft 
Exchange  5.5  —  an  email  system  first 
released  in  1997  —  early  last  year. 

Before  that,  Murrey  said,  “we  could 
never  present  a  business  case  that 
showed  a  significant  cost  savings.  It  was 
always  cost-prohibitive.” 

Last  spring.  Murrey  learned  that  the 
cost  of  moving  to  the  cloud  version  of  Ex¬ 
change,  including  implementation,  would 
be  $180  to  $200  per  seat  per  year,  which 
was  considerably  higher  than  he  expected. 

Murrey  said  Microsoft  and  partner 
companies  told  him  that  a  migration 
from  Exchange  5.5  would  be  difficult 
—  and  expensive  —  because  “there’s 
no  native  migration  tool  to  get  our  data 
into  a  format  that  would  be  usable.” 

Microsoft  said  that  the  price  it  quoted 
Cinram  was  specific  to  that  job. 

Cinram  was  spending  about  $225  per 
user  per  year  to  run  Exchange  5.5.  In 
contrast.  Murrey  said,  Google’s  online 
.  office  apps  cost  $83  per  user  per  year. 

“It’s  a  no-brainer,”  he  said.  “We  were 
spending  $225  per  user  for  Exchange,  and  now  we’re  getting  new 
features  and  tools  for  a  third  of  the  price.” 

He  noted  that  Cinram  will  be  using  all  of  the  apps  in  the 
Google  Apps  toolbox,  even  though  the  company  initially  looked 
at  email  alone. 

Murrey  also  said  that  Google  technicians  were  very  helpful 
during  the  migration,  which  began  last  July  with  a  pilot  system 
used  by  25  employees.  The  vendor  sent  engineers  to  a  Cinram 
facility  to  help  with  the  deployment. 

Google’s  hands-on  approach  may  be  a  sign  that  the  company  is 
“maturing  as  a  software  vendor,”  said  Shimmin.  “They  under¬ 
stand  the  need  for  the  consultative  side  of  the  business  and  what 
customers  need.  I’ve  seen  a  lot  of  evidence  [of  that]  in  the  past  12 
or  18  months.” 

Murrey  estimates  the  initial  cost  of  running  Google  Apps  at 
about  $700,000  annually.  “Because  we’re  still  in  the  migration 
phase,  there’s  all  those  expenses  for  moving  data  and  every¬ 
thing,”  he  said.  “We’re  hoping  to  get  that  $700,000  number 
down  to  close  to  half  a  million  [dollars]  a  year.”  ♦  x 
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REUTERS  /  STB  NEW 


A  work  of  art  in  secure  computing. 

Building  a  better  cloud  takes  a  revolutionary  approach  to 
virtualization  that  goes  far  beyond  conventional  solutions. 
With  a  resilient  infrastructure  and  robust  security,  SunGard 
provides  maximum  protection  and  a  fully  managed  solution 
that  virtually  eliminates  the  risk  of  failure.  Navigate  the  cloud 
with  confidence  as  it  dynamically  scales  to  meet  your  needs. 
With  leading-edge  technology  and  a  staff  of  accomplished 
professionals,  SunGard  can  help  make  your  next  cloud 
computing  project  a  work  of  art. 


Download  the  white  paper 
"Building  a  Better  Cloud" 
at:  sungardas.com/cloud11 


©  2010  SunGard.  SunGard  and  the  SunGard  logo  are  trademarks  or  registered  trademarks  of  SunGard  Data  Systems  Inc.  or  its  subsidiaries  in  the  U  S.  and  other  countries. 
All  other  trade  names  are  trademarks  or  registered  trademarks  of  their  respective  holders. 


AVAILABILITY  SERVICES 


Cheryl  Whitis 


This  Raytheon  CIO  worked 
to  gain  control  over  her 
department’s  budget. 


Something  most  people  don’t 
know  about  you:  i  love  to  travel, 
and  when  we  go,  I  like  to  do 
things  like  zip-lining  through 
the  jungle  canopies.  I’ve  done 
it  a  couple  of  times,  in 
Costa  Rica  and  Jamaica. 

Technology  you  could 
not  live  without:  I  am  terrible 
with  directions,  so  to  me 
GPS  systems  are  the  most 
wonderful  inventions. 

Favorite  nonwork  pastime: 

We  spend  quite  a  bit  of  time 
boating  with  our  family. 

Our  sons  live  nearby,  and  l  have 
two  grandsons  now,  a  4-year-old 
and  a  4-month-old. 
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CHERYL  WHITIS  is  vice  president 
and  CIO  for  Raytheon’s  Network 
Centric  Systems,  a  group 
with  13,000  employees,  8,000 
of  whom  are  engineers  and  scientists. 
Working  in  the  aerospace  and  defense  field 
is  a  passion  for  her,  one  she  discovered 
almost  by  accident  with  her  first  job  at 
Northrop  Worldwide  Aircraft  Services.  The 
industry  holds  a  personal  significance  for 
her  as  well:  Both  her  father  and  father- 
in-law  are  career  Army  servicemen,  and 
Whitis  takes  pride  in  the  fact  that  she 
contributes  to  U.S.  national  defense  and 
the  protection  of  its  warfighters. 

How  is  IT  changing  the  aerospace  and 
defense  industry?  Raytheon  is  what 
I  would  call  a  Tier  2  aerospace  and 
defense  company.  We  are  not  manufac¬ 
turing  platforms  like  the  actual  aircraft 
Continued  on  page  14 
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Register  to  receive  white  paper  #24,  "Effect  of  UPS  on 
System  Availability,"  and  enter  to  WIN  APC  Smart-UPS 
1500VA  Rack/Tower  LCD  120V,  a  $779  value! 


www.apc.com/promo 

(888)  289-APCC  x6267 
Fax:  401-788-2797 


Name: Iit}ei 


Company: 

Address: 

Address  2: 

Citv/Town: 

State: 

Zip  Code: 

Country: 

Phone: 

Fax: 

e-mail: 

What  type  of  solution  do  you  need?  □  UPS:  0-1 6kVA  (Single-phase)  □  UPS:  1 0-80kVA  (3-phase  AC) 

□  UPS:  80+  kVA  (3-phase  AC)  DOC  Power  □  Networking  Enclosures  and  Racks  □  Air  Conditioning 

□  Monitoring  and  Management  □  Cables/Wires  □  Line  Conditioning  □  Mobile  Protection  □  Surge  Protection 

□  UPS  Upgrade  □  AV  Power  Protection  □  Don't  Know 

Purchase  time  frame?  D<1  Month  al-3  Months  D3-12  Months  m>l  Year  □  Don't  Know 

You  are  (check  one)  □  Home/Home  Office  □  Business  (<1 000  employees)  □  Large  Corp.  (>1 000  employees) 

□  Gov't,  Education,  Public  Org.  □  APC  Sellers  and  Partners  □  AV  Custom  Dealer  □  AV  Commercial  Dealer 

©2011  Schneider  Electric.  All  Rights  Reserved.  Schneider  Electric.  APC,  and  Smart-UPS  are  trademarks  owned  by  Schneider  Electric  Industries  SAS  or  its  affiliated  companies. 
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Now,  manage  both  your  UPS 
and  your  energy  proactively 


Legendary 

Reliability 


-  . 7^ 

r 

C02  emissions 
monitoring: 

Reduce  environmental  impact 
through  increased  understanding 
of  CO*  emissions 


Risk 

assessment: 

identify  and  proactively 
manage  threats  to  availability 
(e.g.,  aging  batteries) 


Energy  usage  and 
energy  cost  reporting: 

Save  energy  and  money  by 
tracking  energy  usage  and 
costs  over  time 


Only  APC  Smart-UPS  saves  money  and  energy 
without  sacrificing  availability 


Today’s  more  sophisticated  server  and  networking  technologies  require  higher 
availability.  That  means  you  need  more  sophisticated  power  protection  to  keep 
your  business  up  and  running  at  all  times.  But  that’s  not  all.  In  today’s  economy, 
your  UPS  must  safeguard  both  your  uptime  and  your  bottom  line.  Only  APC  by 
Schneider  Electric™  helps  you  meet  both  of  these  pressing  needs.  Specifically, 
the  APC  Smart-UPS™  family  now  boasts  models  with  advanced  management 
capabilities,  including  the  ability  to  manage  your  energy  in  server  rooms,  retail 
stores,  branch  offices,  network  closets,  and  other  distributed  environments. 


Why  Smart-UPS  is  a 

smarter  solution 

Intuitive  alphanumeric  display 

Get  detailed  UPS  and  power  quality 
information  at  a  glance  -  including 
status,  about,  and  diagnostic  log 
menus  in  up  to  five  languages. 


Intelligent  UPS  management  software 

PowerChute™  Business  Edition,  which  comes  standard  with  Smart-UPS  5  kVA 
and  below,  enables  energy  usage  and  energy  cost  reporting  so  you  can  save 
energy  and  money  by  tracking  energy  usage  and  costs  over  time;  CO2  emissions 
monitoring  to  reduce  environmental  impact  through  increased  understanding;  and 
risk  assessment  reporting  so  you  can  identify  and  proactively  manage  threats  to 
availability  (e.g.,  aging  batteries). 

Best-in-class  UPS 

Our  intelligent,  interactive,  energy-saving  APC  Smart-UPS  represents  the 
combination  of  more  than  25  years  of  Legendary  Reliability™  with  the  latest  in  UPS 
technology  including  an  easy-to-read,  interactive,  alphanumeric  LCD  display  to  keep 
you  informed  of  important  status,  configuration,  and  diagnostic  information,  a  unique 
battery  life  expectancy  predictor,  and  energy-saving  design  features,  like  a  patent- 
pending  "green”  mode. 

Now,  more  than  ever,  every  cost  matters  and  performance  is  critical.  That's  why 
you  should  insist  on  the  more  intelligent,  more  intuitive  APC  Smart-UPS. 


Configurable  interface 

Set  up  and  control  key  UPS 
parameters  and  functions  using 
the  intuitive  navigation  keys. 

On  rack/tower  convertible  models, 
the  display  rotates  90  degrees 
for  easy  viewing. 


Energy  savings 

A  patent-pending  "green"  mode 
achieves  online  efficiencies  greater 
than  97  percent,  reducing  heat  loss 
and  utility  costs. 


Download  White  Paper  #24,  "Effect  of  UPS  on  System 
Availability,"  and  register  to  WIN  APC  Smart-UPS 
1500VA  rack/tower  LCD  120V,  a  $779  value! 

Visit  www.apc.com/promo  Key  Code  b607v  Call  888-289-APCC  x6267 
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CHERYL  WHITIS 


THE  GRILL 


You  implemented  some  changes  when  you  took  your 
current  position.  Did  you  encounter  any  challenges 
or  resistance  when  you  began  reorganizing?  One 

was  that  the  business  really  didn’t  see  IT  as  a  major 
part  of  the  delivery  of  their  product.  It  was  more 
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Continued  from  page  12 
itself  or  the  actual  tanks, 
but  a  lot  of  our  products 
go  onto  the  aircraft  or  go 
in  the  tanks.  We  had  been 
used  to  just  delivering  our 
products  and  having  some 
afterlife  support,  but  more 
and  more  we  have  what  we 
call  “product  life  manage¬ 
ment.”  From  the  time  you 
conceive  the  design  until 
your  customer  retires  that 
asset  from  its  portfolio,  we 
are  responsible  for  all  of  that 
support,  and  that  drives  a 
lot  of  requirements  on  the 
IT  organization.  So  I  think 
we  are  uniquely  positioned 
to  help  grow  our  business 
by  providing  all  of  the  tools 
necessary  to  do  that. 


What  IT  and  security  chal¬ 
lenges  do  you  face?  While 
many  companies  have  to 
worry  about  export  regula¬ 
tions,  we  also  have  to  worry 
about  ITAR  —  International 
Traffic  in  Arms  Regulations 
—  because  of  the  products 
we  produce.  I  think  that  our 
security  concerns  are  even 
more  substantial,  because  if 
we  have  a  breach,  it  is  even 
more  dangerous  for  the  U.S. 

A  growing  concern  for  us 
is  the  consumerization  of  IT 
products.  I  can  remember 
a  time  when  employees 
weren’t  allowed  to  bring  cellphones  in  because  they 
had  cameras.  The  amount  of  data  that  you  can  store 
on  these  portable  devices  represents  additional  risks 
for  us.  We  spend  a  lot  of  time  educating  employees 
on  security  matters  and  safe  ways  to  use  consumer 
technologies.  We  have  been  spending  time  on  digital 
and  information  rights  management,  trying  to  put 
multiple  layers  of  security  around  the  data  that  we 
protect.  At  the  same  time,  we  are  trying  to  invest 
in  how  we  adopt  more  of  this  consumerization  of 
products.  I  would  love  to  see  a  time  when  we  could 
really  be  device-agnostic  and  not  have  to  control  all  of 
that  so  intensely. 


I  always  try 
to  tell  people 
that  there 
is  not  just 
one  way  to  get  to  the 
top.  There  are  lots  of 
different  paths. 


the  traditional  “make  sure  my  desktop  is  working.” 
Budget  for  our  key  products  was  actually  held  and 
managed  in  the  other  functions.  There  was  little 
strategic  planning  across  the  company  of  where  we 
needed  to  put  our  investments.  I  had  to  work  with  my 
peers  to  get  my  budget  back,  and  we  set  up  a  gover¬ 
nance  with  our  business  partnership  council  on  what 
we  would  do  with  those  large  investments.  We  didn’t 
want  to  be  restricted  by  the  budget  [as  to]  where  we 
put  our  efforts.  And  for  the  first  time,  it  made  them 
aware  of  what  was  important  to  other  functions  and 
other  parts  of  the  business. 

You  spoke  at  a  Women  in  Technology  International 
summit  in  2001,  to  women  who  wanted  to  become 
CIOs  or  CTOs.  What  advice  would  you  give  today  to 
women  who  want  to  advance  their  careers,  both  in 
IT  and  in  other  industries?  I  don’t  know  that  these 
things  are  specific  to  one  gender  anymore.  I  have 
seen  young  women  think  that  they  have  to  operate 
the  same  way  that  a  man  would,  and  I  always  try  to 
tell  people  that  there  is  not  just  one  way  to  get  to  the 
top.  There  are  lots  of  different  paths.  I  personally 
took  a  couple  of  years  off  when  my  first  son  was  born. 
You  don’t  have  to  have  a  role  model  in  the  exact  posi¬ 
tion  where  you  aspire  to  be  that  is  exactly  like  you. 
You  need  to  be  well  rounded,  but  you  just  really  need 
to  be  the  best  that  you  are,  and  you  are  going  to  be 
unique  in  what  you  bring  to  those  leadership  roles. 

Leadership  is  looking  for  someone  who  brings  a 
different  skill  and  ability  to  the  role  so  that  they  have 
a  very  well-rounded  leadership  team.  But  in  IT,  I  do 
think  that  women  have  to  think  about  the  business, 
not  just  the  technology.  The  higher  up  you  go,  the 
broader  your  skill  sets  need  to  be  and  the  more  they 
need  to  focus  on  understanding  the  business  and  how 
IT  can  bring  value  to  the  business.  It  is  important  to 
cultivate  both  aspects  —  the  technology  and  your 
knowledge  of  the  business. 

What  challenges  do  you  think  women  in  IT  face?  It  is 

a  challenge  that  we  do  not  have  more  women  in  those 
positions  that  we  aspire  to  get  to.  I  think  it  is  a  chal¬ 
lenge  for  people  of  color  as  well.  Raytheon  is  doing 
a  fabulous  job  in  that  area.  Aerospace  and  defense 
companies  get  stereotyped  as  not  being  too  forward¬ 
leaning  on  things  like  that,  and  to  some  extent  there 
are  probably  some  ways  we  are  not,  but  I  think  we 
have  created  a  good  balance.  Our  retention  rate  for 
our  young  employees,  particularly  women  coming 
in,  has  improved  significantly.  But  something  that 
our  company  is  very  concerned  about  is  women  in 
math  and  the  sciences.  We  are  not  graduating  enough 
people  in  general  with  those  skills.  So  a  big  concern 
we  have  in  our  company,  as  the  boomers  start  retir¬ 
ing,  is  how  we  fill  those  science  positions. 

—  Interview  by  Rebecca  Linke, 
a  writer  and  editor  living  outside  of  Boston 
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Smartphone  Privacy: 

IT  Caught  in  the  Crossfire 


Normally, 
anything  done 
on  a  company's 
hardware  is 
considered 
rightfully  acces¬ 
sible  to  the  busi¬ 
ness.  But  should 
that  include 
location  data? 


Preston  Gralla  is  a 

Computerworld.com 
contributing  editor 
and  the  author  of 
more  than  35  books, 
including  How  the 
Internet  Works 
(Que,  2006). 


THE  NEWS  that  iPhones,  iPads  and  Android  devices  secretly  track  the 
locations  of  their  owners  poses  a  potentially  serious  dilemma  for  IT 
staffs.  If  someone’s  manager  asks  IT  to  retrieve  that  data  and  hand 
it  over,  what  should  IT  do?  We  certainly  have  to  acknowledge  that  a 
device  that’s  used  for  business  purposes  but  automatically  tracks  personal 


information  blurs  the  line  between  personal  and 
corporate  information. 

First,  a  bit  of  background.  It  was  recently  re¬ 
vealed  that  iPhones  and  iPads  track  their  owners’ 
locations  and  store  that  information  in  unen¬ 
crypted  files  on  the  devices  and  on  the  owners’ 
computers.  Android  devices  do  the  same,  but  the 
files  aren’t  also  stored  on  computers. 

In  the  case  of  iPhones  and  iPads,  approximately 
too  data  points  —  in  other  words,  precise  infor¬ 
mation  about  places  the  user  has  visited  —  are 
logged  every  day.  A  single  file  can  have  tens  of 
thousands  of  these  data  points. 

Because  the  files  containing  these  data  points 
can  be  found  on  employees’  computers,  the  IT 
staff  has  easy  access  to  them.  And  even  in  the 
case  of  Android  devices,  where  the  data  is  stored 
only  on  the  phones  themselves,  IT  staffers  can  get 
access  to  them  as  well,  by  simply  taking  posses¬ 
sion  of  the  devices. 

Normally,  anything  done  on  a  company’s 
hardware  is  considered  rightfully  accessible  to  the 
business.  Email  and  information  about  the  web¬ 
sites  a  user  visits  aren’t  considered  private  —  the 
company  has  the  right  to  examine  it. 

That  standard  would  seem  to  apply  as  well 
when  the  hardware  is  a  smartphone  or  a  tablet. 
Email,  Internet  and  app  use  would  fall  under 
the  dominion  of  the  business,  just  as  they  would 
with  a  PC,  and  could  rightfully  be  examined.  But 
can  that  guideline  be  extended  to  location  data? 
Employees  are  often  required  to  carry  company- 


issued  smartphones  at  all  times,  including  after 
work  and  on  weekends.  And  now  we  know  that 
as  they  do  so,  their  movements  are  being  tracked, 
with  the  data  stored  in  a  file. 

Legally  Hazy 

So  I’ll  ask  the  question  again:  Does  the  user’s 
employer  have  the  right  to  examine  that  data  if 
it  owns  the  devices  it’s  stored  on?  And  if  it  does, 
should  it  do  so?  Is  it  really  an  employer’s  business 
if  an  employee  goes  to  his  daughter’s  softball 
practice  on  a  Saturday  afternoon?  How  about  if  an 
employee  goes  to  a  strip  club  on  a  Saturday  night? 
Even  though  I  don’t  frequent  strip  clubs,  I  want  to 
say  no,  that  information  should  remain  private. 
But  if  the  information  is  stored  on  a  device  that 
belongs  to  the  employer,  it’s  a  hazy  legal  issue. 

IT  staffs,  which  have  the  technical  capability  to 
gather  the  location  data,  will  inevitably  be  caught 
in  the  crossfire  when  this  question  arises.  But 
until  companies  develop  clear,  legally  valid  guide¬ 
lines  about  what  information  can  be  gathered  and 
what  can’t,  IT  shouldn’t  do  it. 

And  this  is  only  one  of  several  complicated 
issues  on  the  horizon.  For  example,  when  someone 
uses  a  personal  smartphone  to  conduct  company 
business,  is  everything  on  the  phone  fair  game  for 
the  enterprise? 

The  upshot:  If  you’re  in  IT,  get  your  company 
to  develop  clear  guidelines  on  smartphone  data 
now.  If  you  don’t,  it’ll  come  back  to  bite  you  in  the 
future.  ♦ 
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Projects  are  multiplying,  yet  a  shortage  of  in-house  skills 


MIKE  MILLER,  director  of  security 

at  Media  General,  is  a  big  fan  of 
open-source  tools,  particularly 
for  use  in  security.  “I  joke  that  it’s 
because  I’m  cheap,”  he  says.  “But 
the  fact  is,  there  are  solid  open- 
source  security  products  that  have 
been  around  a  long  time.” 

The  independent,  publicly  owned 
communications  company  in  Richmond,  Va.,  migrated  to  Red 
Hat  Linux  several  years  ago,  and  it  uses  a  variety  of  open- 
source  security  tools,  including  the  Nessus  vulnerability 
jib:,.  scanner  and  Snort  intrusion-detection  software. 


»  Media  General's  Mike  Miller  likes 
open-source  applications  but  says  it 


can  take  up  to  a  year  for  an  employ¬ 


ee  to  grow  really  comfortable 


with  some  tools. 
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Team  in  Training 

Most  IT  shops  say  they’re  training  in-house  staffers 
to  handle  open-source  projects: 


Is  your  organization  training  « 

in-house  developers  to  use  open-source  software, 
or  is  it  hiring  outside  help? 


adopting  open-source  applications  is  that  they  might  not  have 
the  skills  they  need  in-house.  In  a  survey  conducted  by  Computer- 
world  in  March,  56%  of  the  159  respondents  said  that  they  expect 
their  organizations’  use  of  open  source  to  increase  in  the  next  six 
months.  In  a  Computerworld  survey  last  year,  47%  of  the  143  re¬ 
spondents  said  they  anticipated  an  increase.  More  than  half  (51%) 
of  this  year’s  respondents  also  said  their  use  of  open  source  had 
increased  in  the  previous  six  months  (see  charts  at  left). 

In  the  March  survey,  57%  of  the  respondents  pointed  to  a  lack  of 
in-house  skills  as  the  No.  1  perceived  barrier  to  open-source  adop¬ 
tion.  Moreover,  staff  training  was  cited  as  the  most  costly  aspect  of 
an  open-source  software  implementation. 

“The  biggest  benefit  of  open  source,  in  addition  to  the  cost 
savings,  is  development  speed,”  says  Alice  Hill,  managing  director 
of  Dice.com.  “But  if  you  have  to  spend  all  your  time  training  your 
C++  developers  in  Ruby  on  Rails,  you  might  lose  that  benefit.” 

Dice.com  is  seeing  demand  for  open-source  skills  in  its  job 
postings.  Since  2010,  the  number  of  postings  for  all  technology 
jobs  has  grown  by  25%,  whereas  the  number  of  postings  seeking 
people  with  Linux,  Python  or  Ruby  on  Rails  expertise  has  grown 
31%,  53%  and  84%,  respectively  (see  “Right  Skills,  Right  Time,” 
page  24).  In  some  cases,  employers  are  offering  higher  salaries  to 
people  with  open-source  skills.  While  IT  salaries  have  been  gen¬ 
erally  flat  year  over  year,  salaries  for  people  who  know  Python 
are  up  7.1%,  and  salaries  for  those  with  Perl  expertise  are  up 
4.3%.  “We’re  definitely  seeing  larger  increases  for  these  scripting 
languages,”  says  Hill.  “People  are  willing  to  pay  more  for  those.” 

Additionally,  IT  professionals  skilled  in  Linux  tend  to  earn 
as  much  as  10%  more  than  their  peers,  according  to  Dice.  The 
average  salary  for  people  familiar  with  Red  Hat  and  Novell  SUSE 
Linux  is  $87,500,  compared  with  $79,000  for  IT  workers  overall. 

Companies  that  need  open-source  skills  are  offering  all  kinds  of 
working  arrangements,  says  Hill,  noting  that  job  postings  are  evenly 
distributed  across  full-time,  contract  and  telecommuting  positions. 

Feeling  Their  Way 

A  paper  published  in  the  March  2010  issue  of  the  Association 
for  Computing  Machinery’s  Communications  of  the  ACM  maga¬ 
zine  also  cited  a  dearth  of  expertise  as  a  barrier  to  open-source 
adoption.  According  to  the  paper,  titled  “The  Organizational 
Adoption  of  Open  Source  Software:  Barriers  and  Remedies,”  the 
problem  is  threefold:  Companies  may  be  unaware  of  open-source 
applications  that  are  relevant  to  their  businesses;  managers  may 
be  aware  of  open-source  applications  but  lack  the  knowledge 
required  to  implement  them;  or  managers  may  be  unaware  of  the 
support  services  available  to  assist  with  implementation,  since 
open-source  software  projects  are  often  run  by  volunteer  organi¬ 
zations  that  don’t  have  big  marketing  or  advertising  budgets. 

John  Biderman,  director  of  strategic  development  and  informa¬ 
tion  technology  at  Harvard  Pilgrim  Health  Care,  agrees  that  it 
takes  time  to  develop  the  in-house  expertise  needed  to  support 
open-source  initiatives.  Harvard  Pilgrim,  a  Wellesley,  Mass.-based 
health  insurer,  has  implemented  MediaWiki,  a  free  open-source 
wiki  package  written  in  PHP,  but  its  IT  department  is  a  Java  shop, 
and  the  staffers  had  no  particular  PHP  skills.  “We  had  one  guy  who 
knew  enough  to  use  the  config  files  and  set  things  up,  but  no  PHP 
expertise,”  Biderman  says.  As  a  result,  he  adds,  “if  we  wanted  to 
modify  the  system  at  all  or  extend  it,  we  wouldn’t  be  able  to.” 

Version  management  is  another  challenge.  “The  open-source 


■  Staff  training  was  cited  as  the  most  costly  aspect  of 
open-source  software  projects. 


•  51%  of  respondents  said  their  organization's  use  of  open 
source  had  increased  in  the  past  six  months. 


SOURCE:  EXCLUSIVE  COMRUURWORLD  SURVEY 

of  Ls*»  it  professionals,  march  2011 


But  there’s  a  catch:  Whereas  users  can  receive  training  from 
Red  Hat  and  even  become  certified  in  Linux,  they’re  on  their  own 
when  it  comes  to  the  security  applications.  “It’s  more  a  matter  of 
getting  to  know  the  application,  using  it  and  researching  it  on  the 
Web,”  Miller  says.  He  tends  to  hire  internally  for  his  team,  and  so 
far  all  of  his  people  have  had  to  learn  on  the  job.  While  the  basics 
come  pretty  quickly,  Miller  says,  the  tools  are  more  difficult  to 
master  than  their  commercial  counterparts,  and  it  might  take  a 
year  to  become  really  comfortable  with  some  of  them. 

Across  industries,  demand  is  growing  for  people  with  open- 
source  skills  because  the  number  of  open-source  projects  is  on 
the  rise.  In  fact,  one  of  the  first  challenges  enterprises  face  when 


Collision  Cours  e 

■  -  A  lack  of  in-house  expertise  was  cited  as  the  top  barrier 
to  open-source  adoption. 
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The  biggest  benefit  of  open  source,  in  addition  to  the  cost  savings, 
is  development  speed.  But  if  you  have  to  spend  all  your  time  training  your  C++ 
developers  in  Ruby  on  Rails,  you  might  lose  that  benefit. 

ALICE  HILL,  MANAGING  DIRECTOR,  DICE.COM 


community  is  constantly  modifying,  extending  and  adapting  open- 
source  components,”  Biderman  says.  He’s  looking  into  software 
from  a  German  company  that  would  support  version  control  on 
MediaWiki.  But  in  the  meantime,  he’s  avoiding  any  upgrades  or 
improvements  to  the  system.  “I’d  like  to  be  in  a  more  flexible  mode, 
where  I  can  stay  current  with  latest  releases,  and  that  would  be  by 
purchasing  a  turnkey  version  with  a  support  package,”  he  says. 

Hard  to  Find,  Hard  to  Keep 

At  Media  General,  Miller  has  found  that  employees  who  master 
open-source  security  tools  tend  to  get  lured  away  to  more 
challenging  positions  that  pay  more.  “I  refer  to  them  as  ‘gradu¬ 
ates,’  ”  he  says.  “As  people  become  senior,  especially  in  security, 
they  want  more  challenges  than  we  can  offer  them  at  a  media 
company,  so  they  grow  here  and  get  more  somewhere  else.” 

But  Miller  intends  to  continue  developing  skills  internally 
because  his  other  option  is  to  pay  salaries  that  he  can’t  afford. 
“Those  who  are  knowledgeable  in  open  source  tend  to  be  more 
senior  people  with  more  experience,  so  there’s  a  huge  difference  in 
salary,”  he  says.  In  fact,  after  struggling  to  hire  Linux  employees  — 


positions  sometimes  remained  open  for  months  —  Media  General 
ended  up  outsourcing  its  Linux  initiatives.  Miller  says  one  of  the 
reasons  he  faces  such  challenges  is  because  Media  General  is  a 
midsize  employer  in  a  job  market  with  bigger  and  better-paying 
Linux  shops. 

Carl  Weddle,  director  of  IT  at  Quality  Trailer  Products,  agrees 
that  location  has  a  lot  to  do  with  finding  open-source  talent. 
Located  in  Azle,  Texas,  just  west  of  the  Dallas/Fort  Worth  metro¬ 
politan  area,  the  manufacturer  switched  to  Linux  several  years  ago 
and  then  adopted  open-source  reporting,  business  intelligence, 
database,  security  and  content  catalogue  tools.  It  also  uses  the 
open-source  LAMP  stack  for  Web  services.  Half  of  Quality  Trailer’s 
desktops  now  use  OpenOffice,  and  the  company  has  standard¬ 
ized  on  the  Firefox  browser.  Weddle  estimates  that  60%  to  75%  of 
Quality  Trailer’s  computing  systems  rely  on  open-source  software. 

However,  it’s  much  more  difficult  to  find  people  with  open- 
source  skills  in  Azle  than  it  is  in  the  larger  cities.  “Over  here,  the 
old  saw  about  ‘No  one  ever  got  fired  for  using  IBM  and  Micro¬ 
soft’  holds  pretty  good  sway,”  he  says.  When  an  employee  with 

Continued  on  page  24 


The  Way  to  Better  Science." 


Cray  builds  computers  that  accelerate  solutions  to  science 
and  engineering’s  toughest  challenges.  Since  1976, 
Cray  systems  have  brought  unparalleled  performance 
and  processing  capability,  enabling  countless  scientific 
breakthroughs.  And  with  solutions  ranging  from  the 
deskside  to  the  datacenter,  Cray  has  the  answer  for  you. 
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OPEN-SOURCE  SKILL 


PERCENTAGE  CHANGE 
IN  JOB  OPENINGS 
FROM  2010 


PERCENTAGE 
CHANGE  IN  SALARY, 
2009-2010 


Ruby  on  Rails  (programming  language) 

+84% 

-0.6% 

Python  (programming  language) 

+53% 

+7.1% 

MySQL  (database) 

+46% 

+0.1% 

PHP  (programming  language) 

+43% 

+1.1% 

Ajax  (programming  language) 

+37% 

-4.3% 

Linux  (operating  system) 

+31% 

-0.3% 

Perl  (programming  language) 

+25% 

+4.3% 

Apache  (Web  server) 

+24% 

-2.5% 

Tomcat  (application  server) 

+24% 

-3.0% 

Red  Hat  Linux  (operating  system) 

+21% 

+1.3% 

Continued  from  page  21 

open-source  skills  left  the  company  a  few  years  ago,  Weddle  did 
find  a  replacement  —  but  he  paid  for  it.  “I  ended  up  paying  a  little 
more  than  market  value  to  get  someone  with  deep  knowledge  and 
enthusiasm  for  open  source,”  he  says. 

At  ACP  Interactive,  a  San  Francisco-based  marketing  firm, 

IT  Director  Ed  Skokowski  says  he  too  has  lost  staffers  who  have 
moved  on  after  getting  experience  with  an  open-source  applica¬ 
tion  —  in  his  case,  Perl,  which  ACP  uses  extensively. 

Building  the  Skills 

In  light  of  the  salary  premiums  companies  have  to  pay  to  recruit 
people  with  open-source  skills,  it’s  no  wonder  the  preferred 
method  of  acquiring  such  expertise  seems  to  be  training  in-house 
staff.  In  Computerworld’s  March  survey,  85%  of  the  respondents 
said  they  chose  that  option  instead  of  hiring  outside  contractors. 

To  Skokowski,  teaching  open  source  is  like  teaching  an  old  dog 
new  tricks.  ACP  has  migrated  about  80%  of  its  Windows  servers 
to  Linux,  and  while  those  systems  are  now  up  and  running, 
Skokowski  says  there  were  a  few  false  starts  over  a  five-year 
period.  “Just  getting  the  printers  to  work  was  a  two-to-three-day 
chore,”  he  says.  “If  you’ve  lived  in  Windows  a  long  time,  you  get 


used  to  the  idiosyncrasies  of  getting  it  to 
work,  and  it’s  the  same  thing  in  Linux.” 

For  instance,  Skokowski  says  he  has 
encountered  discrepancies  between 
what  the  Linux  command  line  shows 
and  what  you  see  through  its  graphical 
user  interface.  He  once  made  a  change 
to  an  IP  address  through  the  GUI,  but 
the  system  didn’t  reset.  The  problem 
was  apparent  in  the  command  line 
but  not  through  the  GUI.  “You  have  to 
know  how  to  navigate  via  the  command 
line  really  well,”  he  says. 

In  another  case,  servers  were  automat¬ 
ically  turning  off  at  night.  The  solution 
turned  out  to  be  simple,  but  it  was  an 
obscure  problem  that  required  research 
on  online  forums  to  resolve,  Skokowski 
says.  What’s  nice  about  open  source, 
however,  is  that  when  you  do  encounter 
a  problem,  you  can  capture  a  screenshot 
and  pop  it  into  Google  to  see  if  other 
users  have  a  solution,  he  says. 

Skokowski ’s  staff  mainly  learned 
about  open  source  through  hands-on 
training,  although  he  enrolled  himself 
and  a  couple  of  others  on  his  then-10- 
person  team  in  a  couple  of  systems  ad¬ 
ministration  courses  at  the  University  of 
California,  Berkeley.  “We  set  up  a  server 
and  gradually  built  more  machines  to 
get  more  experience  with  it,”  he  says. 
They  also  read  books  and  visited  online 
forums  like  LinuxQuestions.org.  “The 
community  is  so  good,  there  really 
hasn’t  been  much  we  haven’t  been  able 
to  solve,”  he  adds. 

At  Media  General,  Miller  trains  new  hires  in-house.  “The  tools 
themselves  are  good;  they  just  take  a  little  longer  to  learn  than 
commercial  tools,”  he  says.  For  instance,  you  can  quickly  learn  to 
do  a  security  scan  with  Nessus,  but  running  a  nonintrusive  scan 
rather  than  an  intrusive  one,  and  knowing  the  ramifications  of 
each,  is  a  matter  of  using  the  tools  in  different  circumstances  over 
time  —  maybe  six  months  to  a  year. 

Miller  says  vendors  try  to  make  commercial  tools  easy  to  use, 
with  demos,  GUI  wrappers  and  lots  of  help  files.  “That’s  a  big  selling 
point,  because  it  makes  it  easy  for  someone  who  doesn’t  have  a  lot  of 
experience  to  walk  in  and  do  what  they  need  to,”  he  says. 

Both  Nessus  and  Snort  offer  subscriptions  for  a  limited 
amount  of  support.  For  instance,  you  can  get  help  if  you’re 
loading  a  pattern  file  incorrectly  or  the  scanning  engine  isn’t 
updating,  “but  you’re  not  going  to  get  the  nitty-gritty  of  how  to 
schedule  scans,”  Miller  says. 

Although  he  tries  to  hire  internal  staffers  who  are  sharp  and 
seem  to  be  at  ease  learning  new  skills,  one  recent  internal  hire 
happened  to  be  an  experienced  Linux  administrator  and  “a  total 
command-line  junky”  who  compiled  his  own  Linux  kernels  and 
preferred  open  source  to  commercial  tools  to  grow  his  skill  set. 
Nonetheless,  after  six  months  on  the  job,  the  employee  was  still 
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becoming  familiar  with  the  types  of  alerts  coming  through  and 
learning  how  to  respond  to  them.  “Because  some  alerts  only 
show  up  every  few  months,  it  might  be  a  year  before  he  realizes 
[a  certain]  alert  is  something  he  needs  to  fix,”  Miller  says. 

Setting  the  Stage 

Meanwhile,  Weddle  says  not  all  employees  are  up  to  the  task  of 
learning  open-source  skills.  “It’s  heavily  personality-dependent,” 
he  says.  “If  you  have  someone  antagonistic  to  the  open-source 
idea,  they’ll  be  hard  to  train.  But  if  they’re  open-minded  or  dabbled 
in  both  open-source  and  commercial  technologies,  it’s  quite  easy.” 

A  case  in  point  was  when  his  company  first  moved  to  open 
source.  On  his  three-person  staff,  one  employee  blossomed 
during  the  migration,  while  another  was  less  enthusiastic.  “He 
began  to  pick  up  on  it,  but  another  opportunity  came  up  and 
he  jumped  ship,”  Weddle  says.  “There  are  these  odd  religious 
wars.  If  someone  is  entrenched,  they’re  just  not  going  to  change. 
But  most  folks  are  in  the  middle,  and  it’s  not  that  big  a  deal  to 
get  someone  to  switch.  Many  revel  in  it  —  they’ve  never  had  a 
chance  to  play  with  this  before,  and  they  go  for  it.” 

David  O’Berry,  director  of  IT  systems  and  services  at  the 
South  Carolina  Department  of  Probation,  Parole  and  Pardon 
Services,  agrees  that  it’s  the  team  itself  that  dictates  the  ease  of 
the  transition.  “A  strong  development  staff  can  absorb  anything,” 
he  says.  In  his  experience,  training  on  open  source  is  no  different 
from  training  on  any  unfamiliar  technology.  “Six  years  ago,  I 
went  from  PowerBuilder  to  .Net,  and  that  was  no  easier  than  if  I 
were  going  to  J2EE,”  he  says.  “No  matter  what,  when  you  move 
from  one  technology  to  another,  there’s  going  to  be  retraining.” 

Preparing  a  staff  for  open  source  can  take  time.  At  The 
Mitre  Corp.,  CIO  Joel  Jacobs  says  the  public-interest  not-for- 
profit’s  success  with  open  source  is  very  much  tied  into  its  in¬ 
vestment  in  development  skills  over  the  past  five  years  and  its 
emphasis  on  continual  innovation.  Mitre’s  main  open-source 
initiative  is  its  Linux-based  intranet  portal,  developed  over  the 
past  18  months  and  now  used  by  more  than  7,000  employees. 

For  the  past  few  years,  Bedford,  Mass.-based  Mitre  has  been 
working  to  make  sure  it  has  the  right  skills  in-house  to  do 
more  custom  development  so  it  doesn’t  have  to  rely  on  com¬ 
mercial  systems.  “For  some  people,  that  was  an  easy  transfor¬ 
mation,  while  for  others,  it  wasn’t  the  right  environment,  “and 
they  have  moved  on  to  more  suitable  opportunities,”  says  Bill 
Donaldson,  head  of  applications  development. 

It’s  not  always  easy  to  find  the  right  staffers,  say  Donaldson 
and  Jacobs.  “We’re  seeing  difficulty  hiring  across  the  board,”  for 
both  custom  code  and  open  source,  Jacobs  says.  However,  the  fact 
that  Mitre  offers  opportunities  to  work  with  open  source  makes 
it  more  attractive  to  job  hunters,  he  believes.  Additionally,  Mitre’s 
efforts  to  create  an  engaged  workforce  that  is  working  on  things 
that  matter  to  them  makes  it  easier  to  recruit  and  train  internally. 

In  the  end,  open-source  proponents  say  the  need  for  training 
shouldn’t  discourage  companies  from  migrating  to  or  expanding 
their  use  of  open  source.  “Although  we  pay  more  for  the  troops, 
the  lower  costs  and  the  lack  of  hassle  when  I  want  to  change 
something  makes  all  the  difference,”  Weddle  says.  “When  new 
business  requirements  come  barreling  down,  it’s  so  much  easier 
to  respond  with  the  open-source  stack.”  ♦ 

Brandel  is  a  Computerworld  contributing  writer.  You  can 
contact  her  at  marybrandel@verizon.net. 
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SPOTLIGHT 


OPEN  SOURCE 


N  2006,  A  BRANCH  OF  THE  U.S.  ARMED  SERVICES  wanted 

to  know  just  how  prevalent  open-source  software  had 
become  in  its  IT  ranks. 

The  IT  staffers  knew  that  Linux  and  a  few  other  open- 
source  infrastructure  apps  were  being  used  in  “a  couple  of 
divisions,”  but  they  wanted  to  get  a  full  understanding  of 
that  usage  and  then  estimate  the  ROI  to  determine  whether 
source  should  be  rolled  out  to  other  divisions.  Consultants 

Continued  on  page  28 
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Gray  Area 

Does  your  organization  calculate 
the  total  costs  (TCO)  and  benefits 
(ROI)  of  open-source  software? 


Free  Rein 
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governance  plan  to  manage  open- 
source  software  usage? 
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from  Olliance  Group  took  a  look  at  the  service’s  operations 
and  after  three  days  came  back  with  some  shocking  news:  The 
military  branch  was  already  using  Linux  and  other  open-source 
applications  in  75%  of  its  divisions,  and  in  half  of  those,  open- 
source  use  had  already  reached  mission-critical  status. 

Though  the  open-source  train  had  left  the  station  without  IT 
management  onboard,  the  consulting  firm  was  able  to  deter¬ 
mine  that  the  various  divisions  using  open  source  were  seeing 
an  ROI  of  300%  to  700%.  But  the  military  branch  still  had  no 
governance  plan  over  the  use  of  open-source  technology.  Need¬ 
less  to  say,  “they  have  one  now,”  says  Andrew  Aitken,  a  senior 
vice  president  at  Palo  Alto,  Calif.-based  Olliance,  which  was 
acquired  by  Black  Duck  Software  in  2010. 

It’s  happening  in  the  commercial  world,  too,  he  says.  With 
the  proliferation  of  open-source  applications,  and  with  vendors 
moving  from  licensed  models  to  software-as-a-service  models, 
open  source  is  in  a  state  of  rapid  maturation.  What’s  more,  “in 
today’s  large  distributed  environments,  [companies]  do  lots  of 
their  own  developing  across  the  globe,  and  they  outsource  a  lot 
of  development,  so  they  really  don’t  know  what  their  partners 


may  be  using.  So  it’s  taking  a  while 
to  develop  the  critical  mass  to  get 
the  attention  of  people  who  have 
the  knowledge,  experience  and  re¬ 
sponsibility  to  develop  ROI  and  TCO 
models,”  Aitken  adds. 

So  it  comes  as  no  surprise  that 
42%  of  130  open-source  users  re¬ 
sponding  to  a  recent  Computerworld 
survey  reported  that  they  aren’t 
measuring  the  return  on  investment 
or  total  cost  of  ownership  of  their 
open-source  projects,  and  19%  said 
they  don’t  know  if  they’re  measuring 
those  things.  And  more  than  two- 
thirds  don’t  have  a  written  gover¬ 
nance  plan  (see  charts  at  left). 

“In  many  cases,  open-source  users 
are  basing  their  entire  assumption 
for  TCO  on  acquisition  costs,”  says 
Mark  Driver,  an  analyst  at  Gartner. 
“They  assumed  that  in  the  long  run, 
it  will  be  cheaper,”  but  they  don’t 
take  into  consideration  hardware 
costs,  training,  consulting  needs  and 
the  ramifications  of  downtime  if  a 
system  fails. 

“Most  of  [our  clients]  aren’t 
measuring  or  don’t  care,”  Aitken 
says.  “It’s  simply  not  in  their  lexicon 
to  look  at  open  source  from  an  ROI  perspective.”  They  are  more 
focused  on  creating  business  value  than  on  saving  IT  dollars. 

But  others  say  companies  can’t  be  sure  they’re  creating  busi¬ 
ness  value  without  running  the  numbers  first,  and  having  a  gov¬ 
ernance  plan  is  one  of  the  best  ways  to  get  a  grip  on  open-source 
costs  —  and  keep  the  company  from  unwittingly  getting  tied  up 
in  legal  battles  over  the  use  of  proprietary  software. 

Hidden  Costs,  Hidden  Value 

Whenever  an  organization  adopts  a  new  technology,  there’s 
always  a  leap  of  faith  that  it’s  going  to  be  cheaper,  better  and  more 
secure.  “Then  it  invariably  gets  justified  backwards,”  says  Stephen 
Walli,  technical  director  at  Outercurve  Foundation,  a  nonprofit 
organization  that  works  with  commercial  companies  to  facilitate 
their  participation  in  open-source  development  projects. 

Calculating  ROI  can  be  easy  if  you  buy  an  open-source  package 
like  Red  Hat  Linux.  But  in  practice,  it’s  more  difficult  because 
there  are  so  many  open-source  apps  and  so  many  usage  models. 
“People  are  learning  that  there  are  other  benefits,”  such  as  risk 
reduction  or  the  ability  to  build  a  website  without  creating  code 

Continued  on  page  30 


Most  of  [our  clients]  aren’t  measuring  or  don’t  care.  It’s  simply  not  in  their 

lexicon  to  look  at  open  source  from  an  ROI  perspective. 

ANDREW  AITKEN,  SENIOR  VICE  PRESIDENT,  OLLIANCE  GROUP 
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from  scratch  or  buying  an  expensive  devel¬ 
opment  tool,  Walli  says. 

The  ROI  argument  that  “open  source  is 
cheaper”  is  losing  relevance,  in  part  because 
more  and  more  companies  are  citing 
quality,  reliability  and  security  as  reasons 
for  switching  to  open  source,  according  to  a 
2010  study  by  Accenture. 

“It’s  easy  to  say  that  [open  source]  will 
create  value,  but  it’s  very  important  to  be 
systematic  on  how  you  create  value,  to 
ensure  that  you’re  actually  doing  it,”  says 
Tomas  Nystrom,  a  senior  director  at  Ac¬ 
centure  who’s  responsible  for  open  source. 

He  advises  companies  to  consider  the 
entire  life-cycle  cost  of  using  open  source. 

That  means  estimating  training  expenses 
and  assessing  the  long-term  impact  on  the  help  desk,  not  just 
calculating  the  cost  of  equipment  and  staff,  for  example. 

Other  hidden  expenses  could  include  the  costs  of  handling 
quality  assurance  and  regression  testing  in-house,  the  creeping 
costs  you  incur  if  you  end  up  doing  a  lot  of  software  mainte¬ 
nance,  and  the  potential  cost  of  buying  another  system  if  the 
open-source  software  doesn’t  do  what  you  need  it  to  do. 

Many  CIOs  choose  to  avoid  ROI  questions  by  focusing  on  value 
created  for  the  business  rather  than  IT  cost  savings,  Walli  says. 
Calculating  ROI  and  TCO  “is  really  hard  to  do,”  he  says.  “But  it’s 
often  fairly  easy  to  demonstrate  that  ‘once  this  system  was  put  in 
place,  we  were  adding  this  amount  of  business  to  the  corporation.’  ” 

Governance  Required 

Why  is  governance  so  important?  Ask  Barnes  &  Noble.  In 
March,  B&N  got  caught  in  a  patent  infringement  suit  between 
Microsoft  and  the  developers  of  Android.  Microsoft  filed  suit 
against  Barnes  &  Noble,  claiming  that  B&N’s  Nook  Color  Tablet 
device  and  Nook  e-reader  contained  Microsoft  intellectual  prop¬ 
erty  found  in  the  Android  open-source  mobile  operating  system. 


ROI\  .TCO 


■  Return  on  investment  (ROI)  is  largely  focused  on 
measuring  benefits  to  see  if  they  exceed  the  costs  of  im¬ 
plementing  a  specific  IT  project.  An  ROI  calculation  divides 
the  benefits  of  a  project  by  the  costs  and  expresses  that 
calculation  as  a  percentage  over  a  specific  time  period 
(usually  three  years). 

V, 

■  Total  cost  of  ownership  (TCO)  simply  adds  up  all 
the  costs  associated  with  a  particular  IT  investment.  TCO 
typically  is  used  for  comparative  purposes,  such  as  weigh¬ 
ing  the  costs  of  .open  source  against  those  of  proprietary 
systems  in  order  to  determine  which  option  is  cheaper. 

...  \  * 

Vv':  \r  \  -  STACY  COLLETT 


Governance  means  different  things  to 
different  open-source  users.  Walli  puts 
open-source  players  into  three  categories: 
those  who  buy  it,  those  who  use  it  and 
those  who  make  it.  “Once  you  identify 
which  bucket  [you’re  in],  it  allows  you  to 
build  a  governance  process  that  really 
speaks  to  those  three  different  functions,” 
he  says. 

Buying  open  source  is  like  buying  any 
other  software  for  an  organization.  As 
part  of  the  governance  plan,  IT  managers 
can  set  up  an  internal  website  dedicated 
to  open-source  offerings,  with  a  list  of 
approved  products  for  purchase,  product 
numbers  and  downloads. 

Using  open  source  means  download¬ 
ing  software  without  buying  services  or 
support  from  a  vendor.  “If  you’re  just  downloading  [the  open- 
source  content  management  system]  Alfresco  —  for  example,  the 
community  edition  —  with  your  own  knowledge  base,  then  the 
skill  sets  you  need  are  very  different.  You  start  allowing  people 
to  demonstrate  what  they  have  learned  in-house,”  Walli  says. 

The  governance  plan  should  identify  employees  who  are 
willing  to  help  support  the  product  inside  the  company  and  stay 
current  with  the  community  so  they  know  when  to  apply  secu¬ 
rity  patches  or  deal  with  other  issues  that  may  arise.  The  plan 
should  also  specify  the  downloadable  binaries  that  the  employee 
is  willing  to  support. 

Developers  often  use  pieces  of  open-source  software  as  build¬ 
ing  blocks  when  they  create  applications  (as  in  the  Barnes  & 
Noble  case).  “That’s  where  you  start  caring  about  licenses  and 
have  discussions  with  internal  counsel  and  explain  to  them 
things  they  need  to  consider”  in  the  governance  plan,  says  Walli. 

The  IT  organization  needs  to  maintain  control  of  open-source 
policies  and  not  let  the  legal  team  decide  them,  proponents  say. 
Developers  need  to  help  attorneys  understand  the  economic  mo¬ 
tivation  for  using  open  source  and  “get  them  away  from  the  con¬ 
cerns  over  derivatives,  plagiarism  and  lawsuits,”  Walli  adds.  He 
compares  using  open  source  to  a  lawryer  writing  a  contract.  The 
lawyer  doesn’t  start  from  scratch;  he  borrows  text  from  previous 
contracts  that  have  been  peer-reviewed  and  are  known  to  work. 

Do  ROI  and  TCO  need  to  be  determined  before  a  governance 
plan  is  set  up,  or  will  a  governance  plan  lead  to  better  ROI  and 
TCO?  It’s  a  chicken-and-egg  problem,  Walli  explains.  “Gover¬ 
nance  is  about  how  we’re  going  to  do  something,  whereas  the 
ROI  discussion  is  about  why  we’re  going  to  do  it,”  he  says.  At  any 
point  in  the  company’s  open-source  evolution,  it’s  never  too  late 
to  come  up  with  a  governance  plan.  Conversely,  if  open-source 
projects  have  a  proven  ROI,  then  it  should  be  easy  to  develop 
rules  around  the  best  uses  of  open  source  in  the  organization. 

At  the  end  of  the  day,  industry  watchers  say  there’s  a  balance 
between  managing  the  risks  of  open  source  and  managing 
opportunity.  “It’s  fine  if  you  react  to  potential  risk,  but  the 
long-term  view  should  be  on  maximizing  the  opportunity.  Open 
source  is  inevitable  across  the  entire  technology  ecosystem,” 
Aitken  says.  “You  can’t  afford  to  be  an  ostrich.”  ♦ 

Collett  is  a  Computerworld  contributing  writer.  You  can  contact 
her  at  stcoUett@aol.com. 


It’s  easy  to  say  that 
[open  source]  will 
create  value,  but  it’s 
very  important  to  be 

systematic  on  how 
you  create  value, 

to  ensure  that  you’re 
actually  doing  it. 

TOMAS  NYSTROM,  SENIOR  DIRECTOR, 
ACCENTURE 


30  COMPUTERWORLD  MAY  9.  2011 


ITS  ALL  ABOUT  THE 


What  could  be  bigger  than  cloud  computing?  Look  inside  the  cloud  and  you  will  see.  It's  all  about  data. 
Big  data.  Big  data  that  is  not  only  big  in  size  but  big  in  significance  and  impact.  Data  is  the  lifeblood 
and  opportunity  of  today’s  enterprise  and  that  is  where  your  future  begins...and  ends.  Learn  more  about 
your  path  to  competitive  advantage  at  the  intersection  of  big  data  and  cloud  computing  by  visiting: 
www.greenplum.com/lookinside 


EMERGING  TECHNOLOGY 


Four  startups  offer  fresh  ideas  for  reducing 
enterprise  IT  headaches,  by  sandra  gittlen 


IF  YOU  WANT  TO  KNOW  what 

IT  tools  and  technologies 
you’ll  be  using  in  a  few 
years,  it  pays  to  keep  an  eye 
on  startups  that  are  focused 
on  enterprise  technologies. 

Venture  capitalists  and 
entrepreneurs  agree  that  the 
IT  startups  that  get  funding 
these  days  are  those  whose 
offerings  cut  costs,  relieve 
headaches  and  generally  make  CIOs’  lives 
easier  —  without  capital  investments  in 
software  and  supporting  infrastructure. 
Investors  are  backing  startups  that  aim  to 
do  just  that  with  systems  that  handle  tasks 
like  IT  resource  tracking,  cloud  storage,  vir¬ 
tualization  and  mobile  device  management. 

Here  are  snapshots  of  four  startups  that 
are  bringing  hassle-saving  IT  products 
and  services  to  the  enterprise.  Even  if  you 
don’t  end  up  using  these  specific  products, 
chances  are  you’ll  check  out  something 
similar  within  the  next  year  or  so. 

Continued  on  page  34 
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AT  A  GLANCE 


Enterprise  product: 
Technology  Business 
Management  suite 


Pricing:  Starts  at  $100,000 
annually,  depending  on  the 
number  of  users  and  modules 
deployed 


Funded  by:  Andreessen 
Horowitz,  Cisco  Systems,  Greylock 
Partners,  Madrona  Venture  Group 
and  Shasta  Ventures 


Continued  from  page  32 

1  Cloud-Based  IT  Resource 
Tracking:  Apptio 

For  the  past  few  years,  IT  has  been 
under  pressure  to  evolve  and  become 
a  service  provider  for  the  enterprise 
instead  of  being  a  cost  center.  This 
means  tracking  business  units’  usage 
of  IT  resources,  including  labor,  hardware,  software, 

power  and  cooling. 

CIOs  and  other  IT  man¬ 
agers  often  develop  bills  of 
services  using  a  combina¬ 
tion  of  spreadsheets,  busi¬ 
ness  intelligence  software, 
asset  management  systems 
and,  in  some  cases,  blind  es¬ 
timates,  according  to  Sunny 
Gupta,  Apptio’s  president, 
CEO  and  co-founder. 

“IT  executives  are  trying 
to  manage  IT  without  any 
real  way  to  measure  costs, 
quality  of  service  and  the 
actual  value  of  IT  products. 
They  have  management 
tools  to  measure  individual 
aspects  of  IT  —  such  as  the 
network,  bandwidth  and 
mobile  devices  —  but  not 
as  a  holistic  view,”  he  says. 

Apptio’s  Technology  Business  Management  (TBM) 
software-as-a-service  suite  promises  to  give  IT  teams 
and  corporate  executives  a  consolidated  look  at  all  IT 
investments  and  their  associated  costs,  showing  the 
financial  impact  of  client,  infrastructure  and  applica¬ 
tion  services,  says  Gupta.  Authorized  users  can  input 
data,  run  reports,  view  data  via  customized  dash¬ 
boards,  or  dispatch  alerts  based  on  predefined  thresh¬ 
olds,  such  as  a  business  unit’s  storage  usage  level. 

IT  also  can  create  a  “bill  of  IT”  for  each  business 
unit  to  show  its  exact  service  consumption.  Gupta  says 
this  is  critical  for  forecasting,  aligning  budgets  and 
developing  an  accurate  chargeback  program. 

For  instance,  using  TBM,  a  company  might  realize 
that  employees  are  using  10  applications  that  perform 
similar  functions.  By  standardizing  on  one,  it  could 
gain  significant  cost  efficiencies  in  the  form  of 
volume  pricing  and  streamlined  support.  Also,  TBM 
offers  what-if  scenarios  so  organizations  can  weigh 
the  pros  and  cons  of  granular  business  decisions, 
such  as  moving  storage  from  the  data  center  to  the 
cloud  or  increasing  the  use  of  telepresence  systems. 

Gupta  says  that  the  Starbucks  coffee  chain  started 
using  TBM  and  discovered  that  the  laptops  it  had  de¬ 
ployed  to  cut  desktop  expenses  were  actually  costing 
it  more  because  of  battery  replacements  and  support 
issues.  Armed  with  this  information,  the  company 
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was  able  to  change  its  warranties  and  help-desk  strate¬ 
gies  to  extract  the  savings  it  had  initially  anticipated. 

Mark  Gibbs,  CEO  of  Gibbs  Universal  Industries 
(GUI),  a  consultancy  in  Ventura,  Calif.,  says  that  as 
data  centers  become  more  complex,  “IT  resource 
tracking  is  as  important  as  ever.”  And  SaaS-based 
tools  offer  added  benefits,  such  as  easily  deployed 
add-ons  and  instant  feature  updates  based  on  re¬ 
quests  and  what-ifs  that  other  companies  use,  he  says. 

However,  he  warns  that  IT  teams  must  test  how 
data  gets  into  and  out  of  these  hosted  systems  to 
ensure  that  they  interoperate  smoothly  with  the 
tools  that  will  feed  them  data,  and  to  verify  that  ac¬ 
curate,  real  time  information  is  used. 

2  Cloud  Backup  for 

Web  Apps:  Backupify 

Under  strict  scrutiny  to  make  data 
recoverable  and  secure,  IT  is  faced 
with  an  ever-growing  challenge: 
controlling  all  the  data  that  users 
generate  in  Web  applications  such  as 
email,  social  media  sites,  and  document-sharing  and 
collaboration  tools. 

Enterprise  Strategy  Group  analyst  Lauren  White- 
house  regards  this  issue  as  the  Achilles’  heel  for  most 
organizations  in  this  era  of  third-party  hosted  applica¬ 
tions  and  cloud  storage.  “When  IT  owns  and  operates 
applications,  they  are  responsible  to  make  sure  that 
the  application  and  data  are  available,  which  includes 
employing  backup/recovery  tools  and  other  high-avail¬ 
ability  technologies.  Now  that  more  organizations  are 
outsourcing  applications,  the  issue  of  downtime  and 
data  loss  is  getting  exposed,”  she  says. 

This  is  particularly  a  concern  because  many 
online  service  providers  don’t  have  well-defined 
service-level  agreements,  Whitehouse  says.  She  calls 

Continued  on  page  36 
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Enterprise  product: 
Backupify  Pro  500 

Pricing:  Starts  at  $19.99  per  month 
for  10  users;  additional  users  are  $3  per 
month  each.  Includes  both  a  social  media 
account  backup  module  and  Google  Apps 
domain  backup. 

Funded  by:  Avalon  Ventures.  First 
Round  Capital,  General  Catalyst, 
Lowercase  Capital,  Betaworks  and  several 
individual  investors 


Free  your  workforce.  Control  what  matters. 
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Work  anywhere.  On  any  device.  We  call  that  virtual  computing. 

And  it’s  driven  by  virtualization  technologies  that  give  you  both 

freedom  and  control.  Virtual 

computing  frees  users  and  IT 
from  the  limitations  of 
'ar  the  traditional 
computing  model.  Give  IT 
control  over  what 
truly  matters—delivering 
desktops,  applications 
and  data.  Securely. 

Say  yes  to  users  who  need 
to  work  whenever,  on  any  device  they  choose. 

Experience  the  power  of  virtual  computing. 


Simplicity  is  power.  Citrix. 


CITRIX 


Citrix.com/SimplicitylsPower 


©  201 1  Citrix  Systems,  Inc.  All  rights  reserved.  Simplicity  is  Power  and  its  stylized  treatment  are  trademarks  of  Citrix  Systems,  Inc. 
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Getting  a  handle  on  mobile  device  management  is  becoming 
an  increasing  priority  for  many  organizations. 

SCOTT  CRAWFORD,  ANALYST,  ENTERPRISE  MANAGEMENT  ASSOCIATES 


Continued  from  page  34 

services  like  Backupify  “an  insurance  policy.” 

Backupify  is  a  SaaS-based  system  that  backs  up 
data  from  Basecamp,  Facebook,  Gmail,  Google  Docs, 
Twitter  and  other  online  applications  to  Amazon’s  S3 
storage  cloud  network.  “IT  struggles  because  users 
are  creating  data  in  all  these  silos  around  the  Web, 
and  that  data  is  exposed  to  hacking  and  viruses.  It’s 
also  prone  to  loss  from  human  error,”  says  Backupify 
CEO  Rob  May.  By  centralizing  user  data  in  Amazon’s 
environment,  IT  managers  can  apply  security  and  de- 
duplication  policies  for  compliance  without  building 
out  their  own  storage  infrastructures,  he  says. 

For  example,  to  back  up  Google  Apps,  IT  registers 
the  accounts  to  store  in  Backupify  and  receives 
emails  confirming  each  completed  backup,  as  well  as 
access  to  archives  and  downloads.  The  social  media 
backup  module  works  similarly;  IT  can  register  each 
service  and  user  it  wants  backed  up. 

Backupify  is  appealing  to  companies  that  must 
comply  with  data  retention  rules,  such  as  those  in 
financial  services  and  healthcare,  because  it  enables 
them  to  have  the  benefits  of  social  media  and  Web- 
based  applications  without  increased  risk.  May  says. 

Mobile  Device 
Management:  Kiomptek 

One  of  an  IT  manager’s  most  urgent 
needs  these 
days  is 
controlling 
mobile  devices 
in  the  enterprise.  Tracking 
and  securing  lost  and  stolen 
mobile  devices  has  been 
difficult  for  IT,  but  given 
that  many  smartphones  and 
tablets  have  access  to  corpo¬ 
rate  data,  the  ability  to  locate 
them,  lock  them  down  and 
erase  them  if  they  go  missing 
is  critical. 

“Getting  a  handle  on  mobile 
device  management  is  becom¬ 
ing  an  increasing  priority  for 
many  organizations,  par¬ 
ticularly  if  they  have  access  to 
sensitive  data  or  functionality,” 


says  Scott  Crawford,  an  analyst  at  Enterprise  Manage¬ 
ment  Associates,  a  consultancy  in  Boulder,  Colo. 

Kiomptek  developed  Track  and  Protect  to  secure 
IT’s  investment  in  mobile  devices  and  the  data 
stored  on  them,  says  founder  and  CEO  Robert 
Harmsen.  An  online  service,  Track  and  Protect  can 
be  managed  centrally  by  IT  or  individually  by  users. 

Once  a  device  is  registered  with  Track  and  Protect, 
IT  or  a  user  can  go  to  a  personal,  secure  Web  page  to 
take  steps  to  control  and  locate  it  if  it’s  lost  or  stolen. 
From  that  page,  which  can  also  be  accessed  via  mobile 
phone  browsers,  a  user  can  send  SMS-based  com¬ 
mands  to  lock  a  phone,  silence  it  so  it  doesn’t  attract 
attention,  use  GPS  (if  available)  to  locate  it,  or  have 
the  phone  call  another  number  and  amplify  the  mi¬ 
crophone  so  the  user  can  hear  what’s  going  on  around 
the  device.  For  instance,  a  user  might  recognize  the 
sounds  of  a  train  station  or  children  playing  in  a  park. 

Other  options  include  sending  a  text  message  to 
the  phone  to  announce  a  reward  for  its  safe  return, 
accessing  the  phone’s  history  —  including  numbers 
dialed  and  data  sent  —  or  remotely  activating  the 
phone’s  camera  so  the  user  can  see  the  device’s  loca¬ 
tion  or  take  a  picture  of  the  thief. 

Track  and  Protect  enables  remote  lockdown  of  a 
device  based  on  personal  preferences,  such  as  three 
failed  password  attempts.  IT  or  a  user  can  remotely 
wipe  a  compromised  phone,  and  the  service  can 

automatically  back  up  stored 
data  from  the  phone  before  it 
is  wiped. 

Harmsen  says  Track  and 
Protect  is  different  from  its 
competitors  in  that  it  uses  an 
encrypted  SMS  transport  layer 
to  carry  out  all  of  those  func¬ 
tions.  Regardless  of  the  device’s 
platform.  Track  and  Protect 
can  interact  with  the  phone, 
even  if  it  has  been  turned 
off,  the  SIM  card  has  been 
removed  or  the  battery  is  low. 

Track  and  Protect  is 
available  in  190  countries, 
including  the  U.S.  Kiomptek 
is  targeting  countries  where 
phone  theft  is  prevalent,  such 
as  Russia,  Brazil,  China  and 
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AT  A  GLANCE 


Enterprise  product: 

Track  and  Protect 

Pricing:  Free  to  download  the 
application.  Prepaid  packages 
are  available  -  for  instance.  10 
commands  cost  $5.99,  and  45 
commands  cost  $19.99,  depending 
on  geographic  region. 

Funded  by:  Privately  funded 
by  founders 
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Indonesia.  “Say  you  were  traveling  abroad  and  lost 
your  phone.  You  could  go  to  an  Internet  cafe,  log  in 
to  your  Track  and  Protect  Web  page,  and  locate  it  or 
secure  the  data,”  Harmsen  says. 

“Hosted  mobile  device  management  may  offer  an  ad¬ 
vantage  when  the  hosted  service  can  be  accessed  from 
the  same  public  networks  as  these  mobile  devices,” 
says  Crawford.  “This  potentially  improves  the  ability 
to  reach  and  manage  these  devices  wherever  found.” 


4  Database 

Virtualization:  Delphix 

One  task  that  can  consume  a  lot 
of  IT’s  time,  not  to  mention  data 
center  infrastructure,  is  database 
cloning.  Test  and  development, 
data  warehousing,  and  support 
teams,  among  others,  request  copies  of  production 
databases  on  a  regular  basis.  Each  time,  IT  must 
provision  server  and  storage  resources  to  house  all 
those  database  copies. 

Moreover,  the  data  becomes  stale  almost  as  soon 
as  it  is  duplicated,  and  it  can  be  difficult  for  IT  to 
track  the  different  versions  in  existence  to  delete 
them  and  reabsorb  the  underlying  resources. 

Startup  Delphix  has  developed  Delphix  Server 
to  virtualize  databases.  Essentially,  the  software 
creates  full  read/write  clones  of  Oracle  10  and  n 
production  databases.  These  clones  are  automati¬ 
cally  generated  from  abstracted  snapshots  and  log 
files,  and  they  require  a  tenth  of  the  storage  space 
that  physical  databases  need,  according  to  Karthik 
Rau,  vice  president  of  products  and  marketing. 

The  virtual  database  regularly  syncs  with  the 
production  database;  only  changed  data  is  sent  to  the 
virtual  database,  reducing  the  infrastructure  workload. 
Overall,  Delphix  aims  to  consolidate  data  center  re- 


Pricing;  Starts  at  $2,000  per 
month  for  an  annual  subscription 


sources  and  speed  applica¬ 
tion  testing,  development, 
deployment,  management 
and  upgrade  cycles. 

In  addition,  Delphix’s 
secure  self-service  portal 
lets  IT  set  policies  and 
allot  storage  so  users 
can  fulfill  their  own 
requests.  For  instance, 
if  a  developer  needs  a 
copy  of  the  company’s 
ERP  database,  he  can 
provision  it  himself.  This 
guarantees  fast  access 
to  the  freshest  data,  and 

when  his  project  is  complete,  the  virtual  database 
can  be  deleted  and  the  resources  reabsorbed. 

Rau  says  that,  perhaps  most  important,  Delphix 
Server  ensures  the  accuracy  of  data  and  reduces  pro¬ 
duction  environment  risks,  since  users  can  create  and 
recover  the  virtual  databases  from  any  point  in  time. 
Using  “true”  replicas  of  the  databases  increases  the 
quality  and  stability  of  the  application  in  production. 

“Since  creating  virtual  databases  requires  no 
additional  storage  capacity  and  is  fully  automated 
through  Delphix  Server,  developers  can  spin  up 
virtual  databases  on  the  fly  and  create  significantly 
more  database  environments  with  little  to  no  ad¬ 
ditional  infrastructure  investment,”  Rau  says. 

GUI’s  Gibbs  says  the  ability  to  virtualize  databases 
is  valuable  for  IT  organizations.  “For  a  large  database 
like  Oracle,  being  able  to  just  click  and  spin  up 
another  version  reduces  the  drag  on  IT  and  would  let 
developers  get  on  with  their  jobs  quickly.”  ♦ 

Gittlen  is  a  freelance  technology  writer  in  the  Boston  area. 
Contact  her  at  sgittlen@verizon.net. 


Funded  by:  Greylock  Partners 
and  Lightspeed  Venture  Partners 


Th  /oriel’s  for  ost  virtu  I  computing  conference. 
Betnere  physically. 


j*'_ '  4'"  •.  > 


CITRI 


Where  virtual  computing  takes  center  stage. 


Mav  -27 

;  ;  .  .  ..>>./  .t  ‘  . 

/  .  ..  -t/r  v-u:.  •; 

■  *  ■ '  \  ■  ‘  •*  • 

...  '■  '  .  !."■  - 

...  f.  }  .  '■  -■ 

<•  '!) 

■  ■  7V'J  !  y\. 

'  '  ■  '■  ''  i  . 

Register  today  at  /  y  co  •  '  , 

'  v/.rii,  f;  J.  /  y,:  ■,  ■ 

-t.  ■;  ■  ;  ,  ...  vj  .'.yV'  . 

©  2011  Oitrik  Systems,  Inc.  All  rights  reserved.  ,•  *•  C;!  ■  ,V “if  .2. 


Jig233|g|tf 


San  Diego’s  North  County 
Transit  District  sells  solar-generated 
power  back  to  the  local  utility  to 
earn  credits  on  AC  power  use. 


DATA  CENTERS 

Powerful 

Experiments 


Solar  arrays,  gas  turbines  and  fuel 
cells  are  among  the  innovative  options  for 
powering  data  centers.  By  John  Brandon 


ATA  CENTER  power 
usage  is  soaring  — 
the  U.S.  Environ¬ 
mental  Protection 
Agency  estimates 
that  data  center 

energy  requirements  will  double  in 
the  next  five  years. 

To  address  that  surge  in  energy  use, 
some  companies  are  turning  to  alter¬ 
native  sources  of  energy,  including 
solar  arrays,  natural  gas  turbines,  wind 
power,  fuel  cells  and  hydro  power. 
But  one  big  question  is  whether  these 
power  sources  will  deliver  a  return  on 
investment  in  the  near  future. 

Ted  Ritter,  an  analyst  at  Nemertes 
Research  Group,  says  many  compa¬ 
nies  are  having  a  hard  time  justifying 
an  investment  in  alternative  power 
sources  right  now  —  especially  if  it 
means  completely  replacing  the  reli¬ 
able  AC  power  already  coming  into 
their  buildings,  as  opposed  to  merely 
supplementing  it. 

But  some  users  are  forging  ahead 
with  alternative  energy  projects 
anyway,  figuring  on  a  payoff  within 
15  years. 

For  the  North  County  Transit 
District  (NCTD)  in  San  Diego,  solar 
was  the  most  obvious  choice  for  al¬ 
ternative  power.  The  organization’s 
data  center  is  relatively  small,  but 
it’s  big  enough  to  enable  the  agency 
to  handle  ticketing  for  12  million 
public  transportation  users  annually 
and  process  video  from  security 
cameras  in  transit  stations. 

Angela  Miller,  the  transit  agency’s 
CIO,  says  her  group  felt  a  need  to  be 
a  better  environmental  citizen.  As 
part  of  a  data  center  redesign,  the  agency  spent  about  $600,000 
on  a  30-panel  solar  array,  invested  in  virtualization  technology 
for  server  and  storage  systems,  and  bought  new  pods  that  pull  hot 
air  out  and  help  cool  equipment  inside  the  racks. 

The  NCTD  sells  solar-generated  power  back  to  the  local  utility  to 
earn  credits  on  AC  power  usage  (which  is  allowed  under  California 
law),  meaning  the  solar  initiative  has  become  a  profit  center.  The 
solar  panels  don’t  generate  power  for  the  building  directly. 

It  works  like  this:  The  local  utility  sells  AC  power  to  the  NCTD, 
then  the  agency  sells  the  utility  the  solar  energy  for  a  100%  credit. 
The  agency  has  a  five-year  plan  in  place  to  offset  all  AC  power  in 
its  data  center.  The  NCTD  generates  up  to  450  kilowatt-hours  of 
electricity,  and  it  plans  to  reach  1  megawatt-hour  in  five  years. 

“Solar  is  what  has  made  the  [data  center  redesign]  project  even 
have  an  ROI,”  says  Miller. 

Bob  Mobach,  a  consultant  at  systems  integrator  Logicalis 

Continued  on  page  40 
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A  Distinct  Mission:  Keeping  Open  Source  Open 


Open  Invention  Network®  is  a  collaborative  enterprise 
that  enables  innovation  in  open  source  and  an 
increasingly  vibrant  ecosystem  around  Linux  by 
acquiring  and  licensing  patents,  influencing  behaviors 
and  policy  and  protecting  the  integrity  of  the  ecosystem 
through  strategic  programs  such  as  Linux  Defenders. 

It  enables  the  growth  and  continuation  of  open  source 
software  by  fostering  a  healthy  Linux  ecosystem  of 
investors,  vendors,  developers  and  users. 

Open  Invention  Network  (OIN)  has  considerable 
industry  backing.  It  was  launched  in  2005,  and  has 
received  investments  from  IBM,  NEC,  Novell,  Philips, 
Red  Hat  and  Sony. 


One  of  the  key  methods  in  which  OIN  promotes 
Linux  is  by  acquiring  patents  across  a  wide  range 
of  technologies. 

Patents  owned  by  OIN  are  available  royalty-free  to  any 
company,  institution  or  individual  that  agrees  not  to 
assert  its  patents  against  the  Linux  Community.  This 
enables  companies  to  continue  to  make  significant 
investments  in  Linux— helping  to  fuel  economic  growth. 
More  than  forty-five  companies  have  licensed  the  OIN 
portfolio,  including  Google  and  Oracle,  among  others. 

For  more  information  on  how  to  license  the  OIN 
portfolio,  contact  license@openinventionnetwork.com. 


Linux  Defenders  (www.linuxdefenders.org) 

Open  Invention  Network  is  seeking  creative  and  energetic  individuals 
from  the  Open  Source  Community  to  actively  contribute  to  Linux  Defenders . 


Linux  Defenders  offers  the  Linux  and  broader  open  source  community  a  unique  opportunity  to 
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openinventionnebvor/c 

Research  Triangle  Park  Center 
4819  Emperor  Boulevard 
Suite  400 

Durham,  NC  USA  27703 
T:  +1  919  313  4904 
F:  +1  919  313  4905 
info@openinventionnetwork.com 

www.openinventionnetwork.com 


DATA  CENTERS 


Continued  from  page  38 
Group,  helped  the  NCTD  redesign  its  data 
center.  He  says  a  key  to  realizing  an  ROI  with 
alternative  power  is  embracing  virtualization. 

The  agency’s  data  center  is  about  80%  virtual¬ 
ized,  and  that’s  a  primary  reason  why  the  solar 
arrays  are  such  a  successful  power  source. 

“Virtualization  was  critical  for  so  many 
reasons,”  says  Miller,  noting  that  the  new 
setup  is  “way  more  efficient,”  makes  better 
use  of  hardware,  gives  the  data  center  a 
smaller  footprint  and  is  easier  to  manage  with 
fewer  people.  “My  actual  physical  footprint 
went  from  not  having  any  more  slots  in  the 
racks  available  to  having  only  half  of  the  racks 
occupied,  and  yet  we’ve  increased  our  applica¬ 
tions  this  year,”  she  says. 

Analysts  laud  efforts  like  the  NCTD’s  but 
warn  that  solar  power  isn’t  right  for  every  data  center.  “The  level 
of  efficiency  you  can  get  out  of  solar  energy  is  dictated  by  the 
location  of  the  data  center,”  says  Forrester  Research  analyst  Doug 
Washburn.  “If  you  are  in  an  area  where  the  sun  shines  more  fre¬ 
quently,  you  can  take  advantage  of  a  solar  investment.” 

One  reason  why  solar  may  not  be  the  best  data  center  power 
source  is  the  fact  that  data  centers  use  10  to  100  times  more  energy 
per  square  foot  than  a  typical  office  complex,  Washburn  says.  More¬ 
over,  resiliency  and  uptime  are  so  crucial  to  a  data  center’s  operation 
that  “it’s  a  critical  risk,  and  maybe  even  foolhardy  to  think  you 
could  power  the  majority  of  your  data  center  from  solar,”  he  adds. 

Washburn  agrees  that  virtualization  is  key  to  the  success  of  a 
solar  project.  Increasing  the  number  of  hosts  per  machine,  con¬ 
solidating  storage  and  decommissioning  equipment  that  has  been 
virtualized  can  make  a  data  center  more  efficient  even  before  an 
energy  switch-over,  he  says. 

Power  From  Jet  Engines 

Christopher  Sedore,  the  CIO  at  Syracuse  University,  says  the 
upstate  New  York  school  spent  about  $12  million  to  build  a  data 
center  that  uses  natural-gas-fired  microturbines  from  Capstone 
Turbine  to  generate  power  on-site. 

Microturbines  are  essentially  jet  engines  that  run  on  natural 
gas  and  provide  power  to  generators.  The  turbines  produce 
about  a  half  a  megawatt  of  power  for  the  university’s  data  center 
and  another  200  kilowatts  for  other  uses,  such  as  powering  an 
adjacent  building. 

The  turbines  enable  the  university  to  have  a  co-generation  setup, 
meaning  they  can  help  generate  both  heat  and  power  for  the  data 
center  or  nearby  buildings.  The  university  can  also  sell  any  extra 
power  the  turbines  generate  back  to  the  local  power  company. 

The  turbines  drive  two  150-ton  absorption  chillers  that  turn  the 
heat  exhaust  from  the  turbines  into  chilled  water  that  cools  the 


data  center.  In  the  winter,  the  university  uses 
cold  outside  air  for  data  center  cooling,  and 
hot  water  generated  by  the  turbines  is  used  to 
heat  an  adjacent  building. 

Banking  on  Fuel  Cells 

One  of  the  most  promising  new  technologies 
for  powering  data  centers  is  the  hydrogen 
fuel  cell.  Hydrogen  fuel  cells  don’t  produce 
any  harmful  emissions,  so  companies  such 
as  Verizon,  Whole  Foods  and  Google  have 
adopted  them  as  an  alternative  power  source 
for  office  or  retail  space. 

Few  organizations  use  fuel  cells  to  power 
data  centers,  because  they  are  expensive. 

But  First  National  Bank  of  Omaha  built  a 
200,000-square-foot  fuel-cell-powered  data 
center  in  1999  because  such  systems  tend  to 
be  especially  reliable.  The  data  center  is  about  the  size  of  a  foot¬ 
ball  field;  it’s  surrounded  by  a  dry  moat  and  is  powered  entirely 
by  four  200-kilowatt  fuel-cell  generators.  If  the  data  center  does 
lose  fuel  cell  power,  which  is  extremely  unlikely,  an  uninterrupt¬ 
ible  power  supply  can  carry  a  short-term  load. 

“With  the  fuel  cells,  we  have  seven-9s  of  reliability,  or  about  2 
or  3  seconds  of  downtime  per  year,”  says  Brenda  Dooley,  presi¬ 
dent  of  First  National  Buildings,  a  bank  subsidiary  that  handles 
corporate  real  estate  and  facilities  management.  “We  came  from  a 
system  with  backup  batteries.  When  we’d  lose  power,  the  batter¬ 
ies  just  wouldn’t  be  there.  We  did  this  for  reliability.” 

Dooley  explains  that  the  credit  card  processing  that’s  done  at 
the  data  center  requires  high  reliability:  Just  one  hour  of  down¬ 
time  could  result  in  a  loss  of  as  much  as  $6  million. 

The  bank  knew  that  using  fuel  cells  would  be  expensive.  In 
Nebraska,  AC  energy  costs  only  about  5  cents  per  kilowatt-hour, 
whereas  electricity  from  fuel  cells  costs  about  12  cents  per  kilowatt- 
hour.  It  would  have  cost  $2.2  million  to  build  a  data  center  that 
used  AC  power;  using  fuel  cells  raised  the  price  tag  to  $3.4  million. 
Dooley  says  fuel  cells  are  worth  the  higher  price,  and  the  ROI  is 
excellent  because  the  bank  doesn’t  suffer  lost  transactions. 

Of  course,  other  enterprises  might  not  be  willing  to  pay  such  a 
high  price  for  great  reliability.  “Fuel  cell  technology  is  not  there  in 
terms  of  volume  and  scale  to  support  larger  data  centers,”  says  Nem- 
ertes’  Ritter.  “But  down  the  road,  it  is  very  interesting  potentially  as  a 
backup  power  source.” 

Alternative  power  has  a  bright  future  for  data  centers.  Ritter 
says  there  may  be  no  other  option  in  the  coming  years,  if 
traditional-energy  prices  continue  to  soar.  Whether  it’s  solar 
power,  gas  turbines,  fuel  cells  or  some  emerging  option  —  such 
as  harnessing  the  power  of  ocean  waves  —  it’s  clear  that  new 
energy  sources  will  play  a  role  in  the  data  centers  of  the  future.  ♦ 
Brandon  is  a  former  IT  manager  who  now  writes  about  technology. 


»  CIO  ANGELA  MILLER  says 
virtualization  was  critical  to  the 
success  of  NCTD’s  solar  project. 
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Hallmark’s  Fresh  Start 

The  greeting  card  company  built  a  new,  faster  website  and  saw  a 
30%  uptick  in  its  customer  conversion  rate.  By  Patrick  Thibodeau 


FOR  MONTHS,  Hallmark  Cards  had  been  building 
a  new  website  in  parallel  with  its  old  one.  Late 
one  night  last  September,  Hallmark’s  online  team 
arrived  at  its  moment  of  truth:  the  switch-over. 

Would  the  new  site  work?  Paul  Barker,  vice 
president  and  general  manager  of  Hallmark 
Digital,  which  manages  the  company’s  online 
presence,  wasn’t  sure. 

“We  were  all  standing  around  waiting  for  it  to  break,  waiting 
for  it  to  crash,  and  it  didn’t  —  it  was  a  real  confidence  booster  for 
the  entire  organization,”  Barker  says. 

But  he  still  had  concerns.  Would  conversion  rates,  or  sales,  be 
hurt?  The  project  was  a  complete  re-architecture  and  platform  shift. 

“We  expected  to  have  a  lower  conversion  rate  because  we 
thought,  with  a  new  site,  it  was  going  to  take  some  time  for 
people  to  get  used  to  it,”  Barker  says.  Instead,  Hallmark  reports 
that  its  conversion  rate  increased  by  30%. 

The  company  also  says  customers  experienced  a  370%  im¬ 
provement  in  site  response  time.  On  the  old  site,  “response  time 
would  erode  significantly  at  the  peak  times,”  Barker  says.  “That 
was  unacceptable.” 

The  improvement  began  when  Hallmark  hired  Sawis  as  its 
hosting  provider  and  Infosys,  an  India-based  service  provider,  as  its 
primary  application  developer.  Response  times  from  2009  to  2010 
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improved  by  a  factor  of 
two  or  three,  but  after  the 
new  Hallmark.com  went 
live,  the  average  response 
time  for  the  month  of 
December  improved  by 
more  than  50%  from  the 
previous  year. 

The  exact  before-and- 
after  response  times 
weren’t  immediately  avail¬ 
able  from  Hallmark,  but 
Ken  Godskind,  chief  strat¬ 
egy  officer  at  AlertSite,  a 
Web  performance  man¬ 
agement  company,  says 
the  previous  figures  “must 
have  been  really  scary”  if 
Hallmark  is  reporting  a 
370%  improvement. 

At  Computerworld’s 
request,  AlertSite  bench- 
marked  Hallmark.com’s 
home  page  from  12  cities 
on  the  afternoon  of  April 
13  and  came  up  with  an 
average  response  time 
of  2.47  seconds,  putting 
it  at  about  15th  in 
AlertSite’s  most  recent 
ranking  of  response 
times  for  the  retail  sites 
it  monitors. 

Barker  says  that 
AlertSite’s  findings  mirror 
Hallmark’s  data.  “We  feel  we  are  performing  very  well,”  he  says. 

Prior  to  the  switch-over,  Hallmark  was  adding  a  growing  catalog 
of  features  that  included  a  loyalty  points  program,  address  books 
and  reminders  of  key  events  such  as  birthdays.  And  it  was  adding 
that  functionality  to  a  site  that  offered  more  than  5,000  products. 

The  additions  produced  a  complex  code  layer  that  hurt  perfor¬ 
mance  and  made  it  difficult  to  add  new  customer  features.  That’s 
why  Hallmark  decided  to  remake  its  site.  “This  gave  us  an  ability 
to  have  a  fresh  start,”  Barker  says. 

The  company  stopped  using  IBM’s  WebSphere  software  and 
switched  to  Microsoft’s  .Net,  because  Microsoft  offered  lower 
licensing  and  maintenance  costs. 

Barker  doesn’t  credit  any  single  change  with  the  conversion 
rate  increase.  For  example,  he  points  out  that  optimizing  search 
and  navigation  also  made  it  easier  for  customers  to  find  products. 

Khalid  Saleh,  co-founder  of  Invesp  Consulting,  which  helps 
companies  improve  their  conversion  rates,  says  it’s  hard  to  pin 
upticks  in  sales  on  improved  response  times,  but  when  the 
average  response  time  drops  from  12  seconds  to  5  seconds, 

“you  can  see  a  huge  uplift  in  customers”  —  and  conversion  rate 
increases  of  as  high  as  12%. 

Barker  says  the  experience  has  given  his  organization  “a  lot 
of  confidence  that  we  can  take  on  even  more  —  whether  more 
services,  products  or  functionality.”  ♦ 

IMAGE  COURTESY  OF  HALLMARK 
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number  of  people  or  fewer. 

A  separate  study  by  Metrics  Based 
Assessments,  also  released  in  March, 
explains  what’s  happening. 

MBA,  a  data  center  research  firm 
that  benchmarks  about  100  data  centers 
annually,  reported  that  in  2006,  the 
number  of  Linux  operating  system 
images  supported  by  the  equivalent  of 
a  single  full-time  systems  administrator 
was  9.2,  but  by  2010  it  was  17.1,  an  86% 
increase.  Over  that  same  period,  the 
number  of  Windows  images  supported 
by  a  single  full-time  staffer  increased 
61%,  and  the  number  of  Unix  images  per 
staffer  rose  38%,  according  to  MBA. 

“What  we’re  really  seeing  is  that  people 
are  adding  capacity,  but  they  are  not 
increasing  staff  size,  and  somehow  the 
staff  is  figuring  out  how  to  deal  with  it,” 
says  Mark  Levin,  a  partner  at  MBA.  “And 
a  lot  of  it  has  to  do  with  improved  levels  of 
automation  or  things  of  that  nature.” 

But  even  with  technical  improve¬ 
ments,  Levin  says,  productivity  gains 
are  being  achieved  because  data  center 
workers  are  simply  taking  on  more  work. 

“Server  virtualization,  server  management  software  and  data 
center  automation  are  making  the  data  center  more  efficient,” 
says  John  Longwell,  vice  president  of  research  at  Computer  Eco¬ 
nomics,  an  IT  research  firm  in  Irvine,  Calif.  “At  the  same  time, 
server  counts  are  still  rising,  despite  all  the  yakking  about  server 
consolidation  and  data  center  consolidation.” 

But  this  is  also  a  consistent  long-term  trend.  Computer  opera¬ 
tors  (now  called  systems  administrators)  used  to  account  for 
about  10%  of  the  IT  staff  back  in  1997,  says  Longwell.  Today,  they 
account  for  3.3%  of  the  IT  staff. 

Another  major  trend  that’s  shaping  data  centers  is  the  growth 
of  cloud  computing.  In  October  2009,  only  14%  of  data  centers 
had  implemented  any  form  of  cloud  computing,  according  to  the 
AFCOM  survey.  That  figure  now  stands  at  36%. 

“Our  prediction  is  that  80%  to  90%  of  all  data  centers  will  be 
adopting  some  form  of  cloud  computing  in  the  next  five  years,” 
says  Jill  Eckhaus,  CEO  of  AFCOM,  which  has  made  cloud  com¬ 
puting  a  priority  in  its  training  programs. 

Eckhaus  says  data  center  managers  are  more  interested  in  private 
clouds  for  control  and  security  reasons,  but  she  notes  that  AFCOM’s 
adoption  estimate  also  includes  use  of  public  cloud  services. 

In  terms  of  budgets,  nearly  38%  of  the  respondents  to  the 
AFCOM  survey  said  they  expect  their  companies  to  increase 
their  data  center  budgets  in  2011,  while  41%  said  they  expect 
funding  to  remain  the  same  and  20%  said  it  would  decline. 

Eckhaus  says  the  survey  also  found  that  15%  of  the  data  centers 
don’t  have  data  backup  and  recovery  plans,  and  about  30%  don’t 
have  backup  sites.  “To  me,  these  statistics  are  shocking,”  she  says. 

Levin  says  he  isn’t  surprised  by  the  lack  of  spending  on  or  at¬ 
tention  to  disaster  recovery.  “We  thought  after  9/11  there  would 
be  a  significant  increase  in  disaster  recovery  spending  —  it  never 
happened,”  he  says.  ♦ 


DATA  CENTERS  continue  to  be  filled  with  more 
and  more  IT  systems,  but  enterprises  aren’t 
necessarily  hiring  more  people  to  manage 
that  new  equipment,  two  surveys  have  found. 

In  a  survey  conducted  in  March  by  AFCOM, 
a  data  center  managers  group,  37%  of  the 
respondents  said  they  had  reduced  their  data 
center  staffs  over  the  past  three  years,  and  29%  said  they  kept  their 
staffing  levels  the  same.  The  balance,  nearly  35%,  increased  staffing. 

But  over  that  same  period,  nearly  74%  of  the  data  centers 
increased  their  physical  server  count,  according  to  the  AFCOM 
poll  of  360  IT  managers  and  other  senior  IT  executives. 

The  upshot  is  that  66%  the  data  centers  covered  in  the 
AFCOM  survey  are  managing  more  systems  with  the  same 
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This  book  will  show  you  how  to  use  the  ‘discovery’  rules  to  find  out  the  evidence 
possessed  by  your  opponents,  how  to  stand  up  to  legal  bullies  and  how  to  make  sure 
that  when  you  have  your  day  in  court,  you  come  prepared. 

Order  this  helpful  book  today.  Spiral  bound:  $89 


YES!  Please  ship  me  one  copy  of  How  To  Win  a  Lawsuit  Without  Hiring  a  Lawyer 

I  enclose  $89.  Checks  or  Money  Orders  accepted. 

Name _ 

Address _ _ 

City _  State _  Zip _ 

Return  to:  Citizens  Justice  Association,  Box  390979,  Cambridge,  MA  02139 

SATISFACTION  GUARANTEED! 


When  Email  Gets  Hacked 

An  executive’s  webmail  account  is  compromised,  and  it 
contains  plain-text  passwords  for  corporate  apps. 


THIS  WEEK,  one  of  our  C-level 
executives  suffered  a  personal 
security  incident  that  spilled 
over  to  the  workplace.  Here’s 
what  happened. 

The  executive’s  Yahoo  email  password 
was  compromised,  which  she  learned 
after  hearing  from  friends  who  told  her 
that  they  had  received  messages  from  her 
requesting  money  to  deal  with  a  crisis. 
You’ve  probably  heard  similar  stories, 
but  whoever  hacked  the  executive’s 
email  was  a  bit  more  clever  than  the 
average  cybercrook.  One 
friend  was  suspicious  of 
the  request  and  asked 
for  verification  of  the 
executive’s  identity.  Most 
email  hijackers  would 
probably  give  up  and  move  on  to  another 
victim  at  that  point,  but  this  hacker  had 
sifted  through  the  executive’s  emails  and 
learned  enough  about  her  family,  vaca¬ 
tions  and  health  issues  to  trick  the  friend 
and  dupe  her  into  wiring  the  money. 

Naturally,  the  executive  had  used 
her  Yahoo  Mail  account  for  a  variety  of 
activities,  including  setting  up  accounts 
with  her  bank,  her  brokerage,  an  airline 
and  various  shopping  sites.  The  Yahoo 
account  had  received  emails  containing 


clear-text  passwords  when  she  had  for¬ 
gotten  them.  Worse,  she  often  used  the 
same  password  for  multiple  accounts. 

I  advised  her  to  abandon  the  email 
account  and  to  contact  all  of  her  friends 
and  let  them  know  that  they  should 
disregard  any  mail  from  that  address. 

But  that  action,  or  simply  changing  the 
password,  probably  wouldn’t  be  enough 
to  stem  the  damage.  Most  identity 
thieves  will  download  all  the  email  from 
a  compromised  account,  as  well  as  data 
such  as  calendars  and  contact  lists,  to  a 
local  computer.  This 
is  quite  simple,  since 
many  webmail  clients 
allow  customers  to 
use  more  feature-rich 
email  clients  such  as 
Microsoft  Outlook  to  download  email. 

So  even  if  the  account  were  shut  down  or 
the  password  changed,  the  hacker  would 
probably  still  have  all  of  its  contents. 

Because  the  compromised  content 
could  not  be  safeguarded,  I  also  told  her 
to  file  a  police  report;  contact  all  banks, 
credit  card  companies,  brokerages  and 
other  organizations  with  which  she  had 
done  business  online;  file  a  fraud  alert 
with  the  major  credit  agencies;  sign 
up  for  a  credit-monitoring  service;  and 


(Trouble 
Ticket 

A  C-level 

executive’s  Yahoo  Mail 
client  was  hacked,  opening 
the  wav  lor  the  hacker  to  get 
into  the  corporate  network. 


Change 

all  her  SaaS  and 
domain  passwords,  fast. 


obtain  a  new  email  address  and  update 
all  of  her  accounts  with  that  address.  I 
also  warned  her  to  refrain  from  using 
any  PCs,  including  her  home  PC,  until 
we  could  verify  their  integrity,  since  we 
still  didn’t  know  how  her  password  had 
been  compromised. 

Dangerous  Habit 

In  the  course  of  our  conversation,  I 
learned  that  this  incident  had  implica¬ 
tions  for  the  company.  You  see,  we  have 
increased  our  use  of  software  as  a  service 
to  the  point  that  we  now  use  more  SaaS 
offerings  than  on-premises  applications. 
Some  might  see  this  as  an  achievement.  I 
see  it  as  a  security  nightmare. 

As  I’ve  explained  in  past  articles, 
most  SaaS  vendors  have  focused  more 
on  functionality  and  accessibility  than 
on  security.  This  incident  is  a  perfect 
example  of  how  that  approach  can  lead 
to  problems.  The  executive  had  a  habit 
of  forgetting  her  passwords  for  SaaS  ap¬ 
plications,  and  she  gave  me  a  list  of  seven 
SaaS  apps  that  had  sent  password  reset 
notices  to  her  hacked  email  account  —  in 
clear,  unencrypted  text! 

Fortunately,  none  of  the  data  used 
with  these  particular  apps  was  extremely 
sensitive.  But  she  had  used  her  domain 
password  for  all  of  the  applications. 

This  meant  we  had  to  change  her  domain 
password  and  then  log  in  to  all  the  other 
applications  —  about  15  altogether  —  that 
were  not  synchronized  with  Active  Direc¬ 
tory  or  configured  for  single  sign-on. 

Needless  to  say,  this  was  not  a  good 
day  for  this  executive.  But  on  a  positive 
note,  I  did  get  a  sponsor  for  my  security 
awareness  and  training  program.  ♦ 

This  week’s  journal  is  written  by  a  real 
security  manager,  “Mathias  Thurman,” 
whose  name  and  employer  have  been  disguised 
for  obvious  reasons.  Contact  him  at  mathias_ 
thurman@yahoo.com. 


The  executive  gave  me  a  list  of  seven  SaaS  apps  that  had 
sent  password  reset  notices  to  her  compromised  account. 
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the  discussions  about 
security!  computerworld.com/ 
blogs/security 


MARKETPLACE 


They  say  work  smarter,  not  harder.  They 
must  be  using  our  processor. 


The  next  generation  of  intelligent  server  processors 
The  Intel*  Xeon®  processor  5600  series  automatically 
regulates  power  consumption  to  combine  industry-leading 
energy  efficiency  with  intelligent  performance  that  adapts 
to  your  workload.  Check  out  the  new  intelligent  features 
of  the  Xeon  5600  at  intel.com/itcenter. 


SEE  WHAT 
INTELLIGENCE 
CAN  DO 


Servers  from  iXsystems  feature  the  Intel®  Xeon®  processor  5600  series. 


Enterprise  Servers 
for  Open  Source 
www.iXsystems.com 
1 -855-GREP-4-IX 


Intel  is  not  responsible  for  and 
has  not  verified  any  statements 
or  computer  system  product- 
specific  claims  contained  herein 


The  iX2216-10G  features  dual  on-board 
Intel®  82599EB  10  Gigabit  SFP+  Ports, 
dual  on-board  Intel®  82576  Gigabit  Ports, 
and  18  DIMM  slots  supporting  up  to  192GB 
of  DDR3  ECC  Registered  memory.  Ideal  for 
HPC,  Data  Center,  Virtualization,  Clustering, 
and  Cloud  Computing  applications. 

The  iX1204-10G  features  the  latest  Intel® 
CPUs  based  on  the  32nm  and  45nm 
next-generation  microarchitecture.  The  next 
step  in  intelligent  performance,  automated 
energy  efficiency,  and  flexible  virtualization. 


iX2216-10G 

•  Dual  Intel®  Xeon®  5600  Series  Processors 

•  2U  Form  Factor  with  sixteen  2.5"  SAS/SATA 
Plot- Swap  Drive  Bays 

•  On-Board  Dual  Port  Intel®  82599EB 10 
Gigabit  SFP+ 


iX1204-10G 

•  Dual  Intel®  Xeon®  5600  Series  Processors 

•  1U  Form  Factor  with  4  Hot-Swap  SAS/SATA 
Drive  Bays 

•  On-Board  Dual  Port  Intel®  82599EB 10  Gigabit  SFP+ 


©2011,  Intel  Corporation.  All  rights  reserved.  Intel,  the  Intel  logo,  Intel  Sponsors  of  Tomorrow,  Intel  Xeon,  and  Xeon  Inside  are  trademarks  of  Intel  Corporation  in  the  U.S.  and  other  countries. 
'Other  names  and  brands  may  be  claimed  as  the  property  of  others. 
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—  OPINION 


Miff  PERKINS 

What  Suppliers  Can  Tell  You 
About  Your  Own  Business 


Strategic 
suppliers 
share  your 
most  crucial 
goal:  your 
long-term 
success. 


Bart  Perkins  is 

managing  partner 
at  Louisville.  Ky.- 
based  Leverage 
Partners,  which  helps 
organizations  invest 
well  in  IT.  Contact 
him  at  BartPerkins® 
LeveragePartners.com. 


SO,  YOU’VE  SET  UP  A  PREFERRED  SUPPLIER  PROGRAM  to  obtain 
maximum  value  from  all  of  your  IT  suppliers.  You  design  your  IT 
contracts  to  get  the  best  combination  of  cost  and  service  for  desired 
products,  then  monitor  performance  against  the  contract. 


But  are  you  really  getting  the  most  from  these 
relationships? 

Few  companies  with  preferred  supplier  programs 
consult  even  their  most  strategic  suppliers  for  input 
on  creative  ideas  to  improve  IT.  They’re  missing 
out,  because  many  suppliers  can  offer  valuable 
insights.  Think  about  it.  Strategic  suppliers  share 
your  most  crucial  goal:  your  long-term  success. 
These  suppliers  work  with  many  companies  in  a 
variety  of  industries,  giving  them  a  broad  perspec¬ 
tive  that  enables  them  to  objectively  gauge  the 
relative  effectiveness  of  different  approaches  to  IT 
challenges.  And  their  employees  can  provide  sug¬ 
gestions  unhampered  by  corporate  politics. 

A  supplier’s  fresh  perspective  could  be  helpful  in 
several  areas,  including  these: 

Internal  policies  and  procedures.  From  inside 
an  organization,  it’s  easy  to  turn  a  blind  eye  to 
processes  that  work  but  aren’t  truly  robust.  But  out¬ 
siders  aren’t  committed  to  the  status  quo.  In  fact, 
suppliers  often  have  incentive  to  make  a  client’s 
internal  processes  more  efficient  —  for  example, 
via  outsourcing  contracts  that  are  priced  with  the 
assumption  that  the  outsourcer  will  standardize 
processes  and  reduce  associated  costs.  And  a  sup¬ 
plier’s  staff  will  never  believe  that  “we’ve  always 
done  it  this  way”  constitutes  a  best  practice. 

And  what  suppliers  observe  often  goes  beyond 
processes  covered  in  the  contract.  For  example, 
the  executive  management  team  at  one  Fortune 
500  company,  having  sought  fixed  bids  for  all  new 
application  work,  was  mystified  when  all  the  major 
systems  integration  firms  declined  to  bid.  Then  a 
service  desk  outsourcer  explained  that  the  compa¬ 


ny’s  requirements  documents  had  consistently  been 
incomplete,  often  resulting  in  massive  additions 
and  changes  during  a  project.  For  the  integrators, 
the  fixed-fee  contract  was  too  great  a  risk.  Manage¬ 
ment  now  demands  comprehensive  and  detailed 
requirements. 

Employee  evaluations.  You  might  use  360- 
degree  reviews  and  organizational  climate  surveys, 
but  you  can  still  get  additional  insights  from  your 
suppliers.  The  major  drawback  of  employee  opinion 
surveys  is  that  many  employees  believe  that  man¬ 
agement  can  and  will  figure  out  who  wrote  which 
responses.  The  result  is  that  many  responses  are 
guarded.  Your  suppliers’  representatives,  however, 
can  offer  an  objective  perspective  on  your  staff s 
skills  and  morale,  both  from  firsthand  experiences 
and  things  your  employees  have  said  to  them. 

New  trends.  Strategic  suppliers  can  alert  you  to 
industry  trends  long  before  they  appear  in  the  trade 
press.  When  a  supplier  informs  you  of  an  emerging 
trend  —  without  a  related  sales  pitch  —  pay  close 
attention. 

Some  companies  ignore  or  reject  advice  from  exter¬ 
nal  sources,  on  the  grounds  that  “we  know  our  busi¬ 
ness  best.”  This  view  is  shortsighted.  Suppliers  offer 
an  invaluable  perspective,  both  within  and  across 
industries.  But  some  suppliers  are  hesitant  to  volun¬ 
teer  information.  They  might  assume  that  you  already 
know  about  existing  problems,  or  fear  that  they  might 
offend  you  by  drawing  attention  to  weaknesses.  Either 
way,  it’s  up  to  you  to  ensure  that  this  potentially 
crucial  exchange  of  information  takes  place. 

Leverage  your  suppliers’  insights  to  foster  mutual 
success.  In  the  end,  everybody  wins.  ♦ 
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Desktop  with  Spider 
Network  with  Spider 
Publish  (portable  media) 
Web  with  Spider 
Engine  for  Win  &  .NET 
Engine  for  Linux 


dtSearcK 


;  v 

The  Smart  Choice  for 
Text  Retrieval®  since  1991 


Instantly  Search  Terabytes  of  Text 


Highlights  hits  in  a  wide  range  of  data,  using  dtSearch's 
own  file  parsers  and  converters 

•  Supports  MS  Office  through  2010  (Word,  Excel,  PowerPoint, 
Access),  OpenOffice,  ZIP,  HTML,  XML/XSL,  PDF  and  more 


With  dtSearch:  "Endless 
indexing  is  now  a  breeze" 
Computerworld 


•  Supports  Exchange,  Outlook,  Thunderbird  and  other 
popular  email  types,  including  nested  and  ZIP  attachments 

•  Spider  supports  static  and  dynamic  web  data  like  ASP.NET, 
MS  SharePoint,  CMS,  PHP,  etc. 

•  API  for  SQL-type  data,  including  BLOB  data 

25+  full-text  and  fielded  data  search  options 

•  Federated  searching 

•  Special  forensics  search  options 


"Impressive  searching 
power ...  handles  more 
than  a  terabyte  of  text  in 
a  single  index" 

Network  World 


"Lightning  fast  ... 
performance  was 
unmatched  by  any  other 
product" 

Redmond  Magazine 


Ask  about 

fully-functional 

evaluations! 


•  Advanced  data  classification  objects 


APIs  for  C++,  Java  and  .NET  through  4.x 

•  Native  64-bit  and  32-bit  Win  /  Linux  APIs;  .NET  Spider  API 


Content  extraction  only  licenses  available 


J 


For  hundreds  more 
reviews  and  developer 
case  studies,  see 
www.dtSearch.com 


www.dtSearch.com  •  i-soo-it-finds 


Wanted,  Call  or  Email  now! 


1 ,2,4,8  GB  Desktop, Laptop, 
Server  Memory 


Intel  &  AMD  CPU's 
Cisco  Switches 


SMS  MEMORY 

The  low  price  leader  for  quality  memory  modules  since  1 989 

(2391-596-2254 

JeffSMSmemory@gmail.com  I  www.smsassembly.com 


wr.  -  w 


FOR  THE  FIRST  TIME  EVER,  INDIVIDUALS  CAN  NOW  JOIN 

THE  CONSUMER  ELECTRONICS  ASSOCIATION! 

\  :  ?■'  ;  '  ■'  - 

CEAs  Tech  Enthusiast  membership,  designed  exclusively  for  .early  adopters  ami  fervent  supporters  of  ,/ 
consumer  technology,  gives  you  access  to  CEA  and  offers  a  members-poly  website  with-  -  ' 

•  |  tfffilS  ■ 

•  Insider  information  on  the  latest  technology  Irends  < 

•  Consumer  electronics  product  giveaways  '  ,  ‘.r'  ;  ‘  '  i&f&'.'i 

•  Access  to  a  community  of  like-minded  technophile?  ;  ,  .  y.  :J  >  ...  ,  j  re j  F 

•  Discounts  on  consumer  electronics  products  1  .TV’.-  .  r  *•  i' 


Join  today  at  a  discounted 
Enter  promo  code  “COMP" 


It  ■  t  ..  ;  tt'.  .  I  Wi $&},('. 

j  latest  technology  trends  ,  S  ,rJ  '  '$*}  ?.  ■  • 

iduct  giveaways 

t  like-minded  technophile?  r  '■)  t  .;.  ,  S  f/v  ,  • 

lectromcs  products  ■  .  % 

d  rate  of  S29  ($49  value)  at  CEAtechenthusrast.com.  {r.vjS  ( 

”alCheCk0Ul-  7  TECH  ttrTHUSIAS.T 
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Tech  Jobs 
Rise  in 
Rust  Belt 

If  you’re  willing  to  relocate  to 
get  a  job  in  IT,  then  you  might 
want  to  consider  the  U.S.  city 
with  the  fastest  growth  in  tech  jobs  last  year:  Detroit.  The  Motor  City  topped 
the  list  when  Dice.com  looked  at  all  its  job  postings  for  February  2011  to  determine 
the  places  where  job  growth  was  strongest. 

Naturally,  Washington/Baltimore,  New  York/New  Jersey  and  Silicon  Valley  still  had 
the  most  openings,  says  Dice.  But  Detroit  greatly  outpaced  them  in  terms  of  the  per¬ 
centage  increase  from  February  2010  levels.  And  Detroit  was  far  from  the  only  Rust 
Belt  city  to  make  the  top  10. 

METRO  AREAS  WITH 

FASTEST  TECHNOLOGY  JOB  GROWTH  %  INCREASE 


DETROIT 

CINCINNATI 

CLEVELAND 

COLUMBUS,  OHIO 

SEATTLE 

PITTSBURGH 

MIAMI 


JACKSONVILLE,  FLA. 
CHICAGO 
SILICON  VALLEY 


Average  number  of  Google  searches  for  IT  jobs"  per  month. 

*<  v  1  SOURCE:  GOOGLE  A'OvypRDS  t 


ASK  A  PREMIER  100  IT  LEADER 


' 


Jay  Leader 

The  CIO  at  iRobot  answers 
questions  about  the  value  of 
training  in  public  speaking, 
how  to  talk  to  job  interviewers 
and  more. 


My  boss  wants  me  to  take  a  course  in  public  speaking, 
which  terrifies  me.  I  also  don’t  see  the  point.  He’s  not  the 
sort  of  person  you  question,  so  I’ll  ask  you:  Why  would  a 
backroom  IT  guy  need  to  bother  with  this?  Public  speaking 
is  a  critical  skill  that  is  valuable  to  anyone,  regardless  of  their 
general  duties  or  responsibilities.  It's  critical  to  be  able  to  clear¬ 
ly  articulate  a  point  of  view,  proposal  or  solution  to  those  who 
are  impacted,  and  I’m  sure  you  will  be  surprised  by  the  number 
of  times  you  will  be  called  on  to  make  these  kinds  of  presenta¬ 
tions.  I  can  think  of  many  occasions  where  you’ll  be  called  upon 
to  speak  as  a  “backroom  IT  guy”  -  to  gain  approval  for  a  major 
infrastructure  purchase,  or  outline  the  need  for  and  details  of 
a  necessary  system  outage,  for  example.  Adding  public  speak¬ 
ing  ability  to  your  personal  toolbox  will  be  a  very  worthwhile 
investment. 

Since  being  laid  off  nine  months  ago.  I’ve  had  a  few  inter¬ 
views,  but  they  haven’t  gone  well.  The  problem  has  been 
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that  the  interviewers  don't  seem  to  know  much  about  technology, 
and  so  they  have  no  way  of  evaluating  the  validity  of  my  responses. 
I’ve  begun  to  wonder,  though,  about  the  people  they  end  up  hiring. 
Are  IT  jobs  going  to  less  technically  adept  people  who  just  know  how 
to  talk  to  interviewers?  More  than  ever,  IT  jobs  are  being  filled  based 
on  “soft"  skills  like  communication,  teamwork  and  cultural  fit  as  much  as 
they  are  on  pure  technical  capability.  Many  interviewers  (myself  included) 
don’t  use  the  interview  process  to  assess  your  technical  skills, 
but  rather  to  evaluate  these  type  of  factors.  I  think  it’s  always 
important  to  know  (and  it’s  perfectly  fine  to  ask)  what  each 
interviewer  is  looking  for  from  the  interview  so  that  you  can 
tune  your  responses  to  fit  their  needs.  Talking  about  bits  and 
bytes  to  a  person  who’s  assessing  your  cultural  fit  with  the 
team  or  organization  is  a  natural  mismatch  of  expectations,  so 
work  hard  to  understand  each  person’s  role  and  background 
before  you  show  up  to  interview. 

Sometimes  I  feel  like  the  lone  woman  in  an  old  boys’  club  when  the  IT 
directors  get  together.  I  hold  my  own  on  the  technology  and  business 
issues,  but  a  lot  of  the  discussion  is  devoted  to  football  and  golf.  In 
itself,  that  doesn’t  annoy  me,  and  I  pay  enough  attention  to  sports 
to  not  feel  entirely  left  out.  Still,  I’m  usually  the  one  who  directs  ev¬ 
eryone  to  the  business  at  hand,  and  I  think  I’m  getting  labeled  as  the 
killjoy.  Now,  that  does  annoy  me,  because  I’m  actually  a  fun-loving 


person.  Is  this  something  I  should  even  worry  about?  I  don’t  think  you 
should  worry,  but  I  also  think  it’s  important  to  understand  the  dynamics 
of  your  work  environment  and  be  able  and  willing  to  adapt  yourself  to  the 
culture  and  behaviors  that  exist  in  your  specific  situation.  Cultures  are  typi¬ 
cally  bigger  than  individuals,  and  trying  to  change  them  to  suit  your  own 
particular  preferences  might  lead  others  to  believe  that  you’re  “not  with 
the  program."  Building  relationships  is  critical  to  being  effective,  and  if  you 
can  find  common  (though  perhaps  not  ideal)  ground  to  use 
as  a  basis  for  relationship-building,  you’ll  have  a  much  better 
chance  to  be  viewed  as  a  team  player. 

I  am  working  in  the  U.S.  on  an  H-lB  visa.  Most  of  my  col¬ 
leagues  have  been  helpful,  some  have  been  welcoming, 
but  a  few  have  been  openly  hostile.  I  try  not  to  take  this 
personally;  I  know  there  is  much  anguish  and  debate 
over  my  type  of  visa.  But  how  should  I  handle  these  co¬ 
workers?  Most  people  are  reasonable  and  supportive  of  colleagues  trying 
to  build  a  career,  but  there  are  always  a  few  who  will  look  for  the  negatives 
in  any  situation.  You  didn’t  author  the  H-lB  program  and  aren’t  accountable 
for  its  positives  and  negatives;  you’re  simply  trying  to  follow  the  defined 
process  and  secure  an  opportunity  to  build  a  career  as  offered  through  the 
program.  I  think  being  open  and  honest  about  your  intent  and  motives  will 
carry  the  day  with  your  reasonable  colleagues,  and  all  you  can  ask  and  ex¬ 
pect  from  the  rest  is  understanding,  if  not  agreement. 


If  you  have  a  question 
for  one  of  our  Premier 
100  IT  Leaders,  send 
it  to  askaleader® 
computerworld.com, 
and  watch  for  this 
column  each  month. 


DEFEND  NETWORKS  AND  INFORMATION. 
IMPRESS  POTENTIAL  EMPLOYERS. 

Preventing  data  theft.  Reassuring  customers.  Complying  with  federal 
regulations.  Just  some  of  the  reasons  why  securing  information  is  such 
a  high  priority  for  employers.  Seize  your  opportunity,  with  a  certificate 
or  a  master's  degree  from  University  of  Maryland  University 
College  (UMUC).  Whether  you're  a  manager  or  an  IT  professional, 
you'll  learn  how  to  protect  systems  and  information  against  deliberate 
attacks  or  accidental  damage. 


Designated  as  a  National  Center  of  Academic  Excellence  in 
Information  Assurance  Education  by  the  NSA  and  the  DHS 

Recognized  as  a  Professional  Science  Master's 
by  the  Council  of  Graduate  Schools 

Financial  aid  and  an  interest-free  monthly  payment 
plan  available 

Program  is  offered  entirely  online 


UMUC 


Enroll  now. 


University  of  Maryland  University  College 

CawrttM  C  I  UittrrXIT  *  H*rtUn*  UnrrtrUtr  C»41f 


800-888-umuc  •  umuc.edu/mychallenge 
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Systems  Analyst  II:  Analyze 
comp.  sys.  user  reqmts,  pro¬ 
cedures,  &  resolve  problems. 
Prep.  Reports;  review  comp,  sys 
capabilities;  conduct  analyses  of 
new  systems.  Must  have  Bach, 
deg.  in  comp,  sci,  eng.  field, 
math  or  related  field  &  2  yrs  exp. 
in  S/W  development  includ. 
team  leadership  in  on/offshore 
delivery  system.  May  have  mul¬ 
tiple  &  varying  long-term  job 
assignmts  in  US.  Job  site  & 
Interview:  Fremont  ,  CA.  Send 
resume  to  Ashok  Kumar,  Infosys 
Technologies  Ltd.,  6100 
Tennyson  Pkwy,  Suite  200  , 
Plano  ,  TX  75024  ,  Refer  to  Job 
SAM  4-11. 

Systems  Analyst  III:  Analyze  & 
assess  tech,  needs  to  define 
solutions  &  design  project  plans. 
Provide  tech.  &  admin,  lead¬ 
ership  for  on/offshore  team 
Liaise  w /  client  on  objectives. 
Analyze  comp,  system  user 
reqmts,  procedures,  &  resolve 
problems.  Prep.  Reports;  review 
comp.  sys.  Operations;  analyze 
new  systems  or  modifications 
Direct  jr  level  eng.  staff  .  Must 
have  a  Bach.  deg.  in  comp,  sci., 
eng.  field,  math,  or  related  field 
&  5  yrs  exp.  in  SAW  developmt 
w /  3  yrs  exp.  in  team  leadership 
in  a  distributed/global  delivery 
environment,  offshore  delivery. 
May  have  multiple  &  varying 
long-term  assignments  in  US. 
Job  site  &  Interview:  Fremont, 
CA.  Send  resume  to  Ashok 
Kumar,  Infosys  Technologies 
Ltd.,  6100  Tennyson  Pkwy,  Suite 
200  ,  Plano  ,  TX  75024  .  Refer 
to  Job  SAIII  4-11 


Project  Manager  position  avail¬ 
able.  Must  have  experience 
coordinating  management  and 
development  of  mult,  projects 
directed  toward  strategic  busi¬ 
ness  and  org.  objectives. 
Experience  coordinating  with 
Infrastructure.  Support,  and 
Website  development  teams 
plus  Systems/Database  Admin, 
to  ensure  projects  executed 
and  enhancements/solutions 
applied.  Experience  with  server 
configuration,  security  of  com¬ 
pany  servers/networks,  and 
knowledge  of  PCI  compliance. 
Masters  degree  and  2  years 
experience  in  Software 
Engineering  required.  Please 
send  Ad  with  resume  to  Pro 
Softnet  Inc.  Attn:  HR;  26115 
Mureau  Road  Suite  A, 
Calabasas,  CA  91302  re: 
11.9041.1 


Innowave  Technology,  LLC  is 
seeking  Oracle  WebLogic 
Administrator  for  Irvine,  CA 
office.  B.Sc.  in  Electrical  Eng.  or 
related  &  5  years  of  work  exp  in 
Oracle  WebLogic  Administration 
(OWA)  or  related  or  M.Sc. 
degree  in  above  +  2  yrs  work  exp 
in  OWA  or  related.  Salaried/full 
time  position.  For  details  please 
visit  www.innowavetech.com. 
Please  e-mail  CV  &  salary 
requirements  to 

maya.kamath@innowavetech.com 
or  fax  to  949-223-6428. 


SAP  Technical  Lead  to  work  w / 
functional  business  leads  in 
Fin'l  Reporting  &  Acctg  groups 
to  dsgn  business  process  defi¬ 
nitions  necessary  to  streamline 
&  optimize  fin'l  processes  w/in 
FICO(Finance  &  Control 
Module)  &  other  rltd  functional 
components  in  Whitestone  NY 
&  other  unanticipated  Iocs. 
Qualified  apps  must  have  MS  + 
2yrs  of  IT  Consulting  using  SAP. 
SAP  Cert  &  SAP  FICO  skills 
reqd.  Travel  reqd.  Submit 
resume  &  refs  to  D.  Lock, 
Judge  Technical  Staffing,  300 
Conshohocken  State  Rd., 
Conshohocken,  PA  19428. 


Computers  -  Chegg,  Inc, 
seeks  Senior  Software 
Engineer  in  Santa  Clara,  CA: 
Design  simple,  scalable, 
robust  and  easy  to  deploy 
integration  solution  leveraging 
Mule  ESB  and  Active  MQ. 
Req’s:  MS  (or  equiv.)  +  3  yrs 
exp  or  alt.  BS  (or  equiv.)  +  5 
yrs  exp.  Submit  resume  w / 
ref.  to  Req  #3  to: 
jobs@chegg.com.  EOE 


Systems  Analyst,  New  York,  NY 
&  other  client  locations: 
Analyze,  design,  develop, 
implement,  customize  &  main¬ 
tain  applications  &  systems 
using  Perl,  Java,  C,  C++, 
MySQL,  Web  Services,  RPC, 
SOAP,  TCP/IP,  Shell  Script, 
SQL  Loader,  OOAD,  Design 
Patterns,  Clearcase,  Oracle 
10g.,  SQL  Server,  Unix,  Sun 
Solaris,  Linux,  &  Win  NT/2000/ 
XP.  MS  in  CS,  MIS,  CIS,  Bus, 
or  Eng  (any)  W/lyr  exp.  Salary 
DOE.  Email  resume 
consulting@hmna.com  or  mail 
Helios  &  Matheson  North 
America,  200  Park  Ave  South, 
Ste  901,  New  York,  NY  10003. 


IT  Corp.,  Aliso  Viejo,  Orange 
County,  CA  and  at  unantici¬ 
pated  client  sites  across  the 
U.S.  has  openings  for 
Program  Management 
Analyst,  Software  Engr., 
System/  Programmer  Analyst 
and  Project  Leader/Manager. 
Mail  resume  and  position 
desired  attn  to  HR-Raghuraj 
Adhiyarath,  UST  Global  Inc. 
1 20  Vantis  Ste  500  Aliso  Viejo 
CA  92656. 


COMPVTERWORLD 


Law  Firms 
IT  Consultants 
Staffing  Agencies 


Place  your  Labor  Certification  Ads  Here 

Are  you  frequently  placing 
legal  or  immigration  advertisements? 

Let  us  help  you 
put  together  a 
cost-effective  program 
that  will  make  this 
time-consuming 
task  a  little  easier. 


Contact  us  at: 

800.762.2977 


IT 
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Sagitec  Solutions,  LLC,  an 
established  IT  services  firm, 
seeks  Software  Analysts  and 
Business  Analysts.  Positions 
require  a  MS  degree  or  equiv. 
in  engineering,  computer  sci¬ 
ence  or  a  related  field  and  at 
least  12  months  of  relevant 
exp.  Will  consider  candidates 
with  BS  degree  and  at  least  5 
years  exp.  Positions  are  based 
out  of  corp.  HQ  in  Little 
Canada,  MN  &  subject  to  relo¬ 
cation  throughout  the  US.  Mail 
resume  to  HR  Department, 
Sagitec  Solutions,  LLC,  422 
County  Road  D  East,  Little 
Canada,  MN  55117. 


Computer  Programmers 
needed.  Seeking  qual.  can¬ 
didates  in  the  Canonsburg,  PA 
area.  Duties  include:  Write 
comp  programs  to  adhere  to 
proj  specs  &  logical  flow  charts. 
Work  w /  C#,  C,  C++,  ASP.NET, 
Java,  SQL  Server  &  Oracle. 
Travel  req.  &  relocation  may  be 
req.  Send  res.  to  UBICS  Inc.,  at 
333  Technology  Dr.,  Suite  210, 
Canonsburg,  PA  15317. 


Systems  Analyst  I:  Analyze 
comp,  system  user  reqimts,  pro¬ 
cedures,  &  resolve  problems. 
Analyze  &  prep,  reports  of  user 
needs,  prog,  functions,  &  sys¬ 
tems.  Review  comp.  sys.  capa¬ 
bilities  for  modifications  & 
enhancements.  Conduct  analy¬ 
ses  of  new  systems/modifica¬ 
tions.  Must  have  at  least  Assoc, 
deg.  w/concentration  in  comp 
sci.,  engineering  field,  math, 
commerce/business  or  related 
field  (will  accept  3  yr  post  sec¬ 
ondary  deg./cert,  from  foreign 
school)  &  3  yrs  exp.  in  s/w  devel¬ 
opment  in  an  on/offshore  delivery 
system.  May  have  multiple  & 
varying  long-term  job  assign¬ 
ments  in  the  US  .  Job  & 
Interview:  Fremont  ,  CA  .  Please 
send  resume  to  Ashok  Kumar, 
Infosys  Technologies  Ltd.,  6100 
Tennyson  Pkwy,  Suite  200  , 
Plano,  TX  75024.  Refer  to  Job 
SAI  3-11. 


IT  Project  Manager. 


Mainframe,  COBOL,  DB2 


exp  needed.  Res  to: 


Software  Analysts,  1454 


Englert  Rd,  Eagan,  MN 


55122. 


Research  in  Motion  Corporation 
(US),  Irving,  TX,  positions  are 
available: 

TX5002-Team  Lead,  Radio 
Research  in  Motion  Corporation 
(US),  Mountain  View,  CA  & 
Sunnyvale,  CA,  positions  are 
available: 

CA4071 -Software  Developer 
Research  in  Motion  Corporation 
(US),  Bellevue,  WA,  positions 
are  available: 

WA5003-lncident  Manager 
Research  in  Motion  Corporation 
(US),  Andover,  MA,  positions 
are  available: 

MA5004-Software  Developer 
Submit  resume  to  Research  in 
Motion  Corporation  (US),  to  PO 
Box  141394,  Irving,  TX  75014- 
1394  ref  appropriate  job  title  & 
req  number. 


MphasiS  Corp  has  openings  for 
the  following  professional  posi¬ 
tion  at  its  office  in  NY,  NY  & 
unanticipated  client  sites 
throughout  the  US: 

•  Sales  Manager:  Analyze  busi¬ 
ness  technology  needs,  direct  & 
coordinate  sales  activities  involv¬ 
ing  sale  of  IT  services/products. 
Must  have  Bachelor  or  Master  or 
equiv  &  prior  exp  in  job  offered 
or  rel  field.  Edu/exp  reqs  vary 
depending  on  position  level/type. 
Travel/relocation  reqd.  Send 
res.,  sal  history  &  pos  applied  for 
to  recruitmentus@mphasis.com 
or  460  Park  Avenue  South,  Suite 
#1101,  New  York,  NY  10016. 
Attn:  HR  Manager  with  Ref: 
NY0411 


Looking  for  a 
challenging 
IT  Career, 
shouldn’t  be 
such  a 
challenge. 


Find  your  ideal  job  at 
www.ITCareers.com. 


it  careers 


Systems  Analyst,  Falls  Church, 
VA  &  other  client  locations: 
Analyze,  design,  develop,  imple¬ 
ment,  &  customize  application  & 
system  based  on  user  needs 
using  J2EE,  JSP,  JavaScript, 
JAXB,  ANT,  JUnit,  LOG4J,  SQL 
Server,  Java,  Spring,  Hibernate, 
RUP,  SOA,  Web  Services, 
Jasper  Reports,  Oracle  lOi/llg, 
Unix,  Linux,  Solaris,  &  Windows 
2000/XPA/ista.  MS  in  CS,  CIS, 
MIS,  Eng  (any),  or  related  W/lyr 
exp.  Salary  DOE.  Email: 
hr@aarisha.com  or  mail  Aarisha 
Inc,  900  S.Washington  St,  #212, 
Falls  Church, VA  22046. 


Capgemini  Financial  Services 
USA  Inc.  (Rosemont,  IL),  a 
global  systems  integrator  pro¬ 
viding  solutions  to  fin. services 
industries,  is  seeking  exper. 
prof,  consultants  for  the  follow¬ 
ing  positions:  Managers  (ref. 
#24A)  &  Lead  Consultants  (ref. 
#24B)  to  manage  consulting 
teams  &  client  relationships. 
Also  seeking  Sr.  Consultants 
(ref.  #24C)  to  design  develop 
test  &  implement  bus.  systems 
software  apps.  Email  resume  to: 
georgeann.bosco@capgemini.com 
&  reference  appropriate  job#. 
No  calls. EOE. 


Sr.  Systems  Analysts:  Design, 
develop  and  implement  com¬ 
puter  software  programs  and 
transaction  processing  com¬ 
ponents  for  e-Commerce; 
Develop  scripts  for  electronic 
data  processing  systems  within 
the  application  area.  Review, 
modify  software  programs  to 
ensure  technical  accuracy  and 
reliability.  Administer  and  main¬ 
tain  production  systems  run¬ 
ning  on  multiple  environments. 
Masters  in  Eng(any),  Info  Tech 
(any),Busi  Admin  reqd.  Any 
suitable  comb  of  education, 
train  &  experience  equal  to 
Masters  is  acceptable.  M-F 
from  9AM-5PM.  Offers  stan¬ 
dard  employment  benefits. 
Apply  w/2  copies  of  resume  to 
Federal,  Inc.  1218  9th  St  West 
Bradenton,  FL  34205 


Systems  Analyst,  Wilmington, 
DE  &  other  client  locations: 
Perform  technical  business 
analysis,  blue  print  &  opera¬ 
tional  guidance.  Script  business 
process  procedures  in  all  core 
modules  in  SAP  Application 
such  as  AP,  AR,  HR,  T&E,  & 
MOM.  Customize  layout  or  for¬ 
mat  various  legacy  reports 
using  PLD.  Develop  FDS  for 
RICEF  objects.  SAP  ECC,  SAP 
R/3,  PP,  SCM,  MRP,  Variant 
Configuration,  MCS,  QM,  LIMS, 
WM,  ITF,  ABAP,  Java,  SAP 
Console,  RFID,  RF,  Win  2000/ 
XP,  Unix,  Linux,  &  Mac.  MS  in 
CS,  MIS,  CIS,  Eng  (any),  Bus 
Mgmt,  or  related  W/lyr  exp. 
Salary  DOE.  Email  jobs@lninfo- 
sys.com  or  mail  LN  Infosys, 
2115  Concord  Pike,  Suite  207, 
Wilmington,  DE  19803. 


Project  Manager,  Edison,  NJ  & 
other  client  locations:  Manage, 
develop,  direct,  &  coordinate  pro¬ 
jects  &  progress  of  work,  resolve 
problems,  &  ensure  standards  for 
quality  of  work  are  met.  Exp  in 
Programming  Methodologies, 
SDLC,  ABAP/4,  SAP  Script,  SAP 
R/3,  Oracle,  Functional, 
Technical  Implementation,  & 
Configuration  of  SAP  modules 
such  as  HR,  SD,  MM  &  PP,  exe¬ 
cute  cross-functional  super  sce¬ 
narios,  &  manage  disaster  recov¬ 
ery  process  for  SAP  R/3  Appln. 
BS  in  CS,  MIS,  CIS,  or  Eng  (any) 
W/5yrs  exp.  Salary  DOE.  Mail 
Kaizen  Technologies,  1  Lincoln 
Hghw,  Ste  10,  Edison,  NJ  08820 
or  email  careers@kaizentek.com 
&  ref  BY1024. 


Senior  Software  Developer 
positions  available  in  the 
Morrisville,  NC  area.  Duties 
include:  Design,  code,  and 
debug  applications;  evaluate 
and  identify  new  technologies; 
manage  technical  problems; 
work  with  Flex  4.1,  GWT,  C, 
Visual  C++,  and  MFC;  work 
with  report  development  soft¬ 
ware  such  as  Jasper  Reports 
and  Business  Object  Tools. 
Send  resume  to:  Vistronix,  Inc., 
1851  Alexander  Bell  Drive, 
Suite  350,  Reston,  VA,  20191. 


Computer  Professionals  (Multiple 
Openings),  South  Plainfield,  NJ  & 
other  client  locations:  Involve  in 
all  phases  of  SLDC  process, 
analyze,  design,  develop,  imple¬ 
ment,  customize,  &  maintain 
applications  &  systems.  Good 
understanding  of  Financial 
Services  &  Insurance  domain. 
Salary  DOE.  MS/BS  in  CS,  MIS, 
CIS,  Math,  Bus,  Eng  (any),  or 
related  in  any  of  the  following 
skills:  1.  J2EE,  J/XFS,  JSF, 
JBPM,  OOAD,  Struts,  Hibernate, 
Oracle,  MySQL,  DB2,  Linux, 
Log4j,  OneShield  Dragon,  SOA, 
EJB,  MQ  Series,  Weblogic, 
Websphere,  JBoss,  SOAP,  JAX- 
RPC,  AJAX,  Web  Services,  & 
Win  NT/2000/XP.  BS  W/5yrs  exp 
&  ref  MG-01-2011.  2.  Rational 
Rose,  UML,  SOA,  IIS,  Biztalk, 
Oracle,  SQL  Server,  ASP.net, 
VB.Net,  C#,  Sharepoint  Portal, 
VB,  ASP,  HTML,  JSP,  MTS,  Unix 
&  Win  NT/2000/XP.  BS/Equi  W / 
2yrs  exp  &  ref  BVP-01-2011.  3. 
J2EE,  Oracle  lOg,  Java,  Quality 
Center,  QTP,  Test  Case 
Administration  Tool,  Trillium, 
CMOD,  STG,  Ratabase,  VB 
Script,  Java  Script,  Bugzilla, 
Share  Point,  Lotus  Notes,  Win 
Runner,  Load  Runner,  STG,  & 
Win  NT/2000/XP.  MS  W/lyr  exp 
&  ref  RSKC-01-2011.  4.  Project 
Manager  -  Conduct  project  exe¬ 
cution,  client  mgmt  &  team  mgmt 
for  delivery  of  projects  using 
methodologies  -Waterfall  & 
AGILE  -  SCRUM.  PMP  &  a 
Certified  ScrumMaster.  Facilitate 
Sprint  Planning  meetings, 
Planning  poker,  Scrum  calls, 
Sprint  Retrospective.  Oversee/ 
deliver  engagements  for  financial 
&  insurance  industry  customers. 
Manage/oversee  solution  deliv¬ 
ery  using  SOA  technology  plat¬ 
forms  MS. Net,  WCF,  Sharepoint, 
MS  Project,  Oracle, 
WebServices,  &  UML.  Perform 
System  Study,  Feasibility 
Analysis,  Estimations  using  FP, 
and  WBS  &  Project  Planning.  BS 
W/5yrs  exp  &  ref  KD-03-2011. 
Email  jobs@ 

valuemomentum.com  or  apply 
online  www.valuemomentum.com 


SENIOR  SYSTEMS  ANALYST: 
Piscataway,  NJ.  Analyze  client 
operations,  system  needs,  & 
software  requirements.  Convert 
project  specifications  for  coding 
in  computer  languages,  incl  C#, 
ASP.NET,  VB.NET,  VBScript, 
Smalltalk,  WPF,  XAML, 
Dreamweaver,  Flash,  Design 
patterns,  Web  Services, 
Javascript  frameworks, 

Scriptaculous,  &  JQuery. 
Oversee  development  of  soft¬ 
ware  systems.  Develop  efficient 
system  for  testing,  validation, 
programming,  &  documentation. 
Create  database  tables,  trig¬ 
gers,  &  stored  procedures. 
Oversee  work  of  junior  program¬ 
mers,  developers,  &  other  team 
members.  Req:  BS  in  CS/CIS / 
Computer  Engineering  &  at 
least  5  yrs  progressive  exp  as 
Programmer,  Software 

Engineer,  or  Systems  Analyst. 
May  be  assigned  in  various 
unanticipated  locations  through¬ 
out  the  U.S.  Send  resume: 
InfoSpan  Technologies,  15 
Corporate  Place  South,  #312, 
Piscataway,  NJ  08854. 
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SHARKS  MK 

TRUE  TALES  OF  IT  LIFE  AS  TOLD  TO  SHARKY 


‘For  Cause,’  Defined 

It’s  the  1980s,  and  this  pilot  fish  has  just  started  working  for  a  data  processing  com¬ 
pany.  “Shortly  after  l  began,  one  of  the  developers  was  let  go  for  cause,”  fish  says. 
“The  next  time  payroll  was  run,  it  aborted  halfway  through.  No  one  could  find  the 
cause,  and  since  this  program  was  the  baby  of  the  recently  departed  developer,  he 
was  called  in  to  help.  He  agreed  to  come  back  as  a  consultant  -  at  three  times  his 
previous  salary.  The  company  didn't  like  it  but  had  no  choice.  I  was  asked  to  sit  with 


him  to  see  how  to  fix  the  problem  if  it 
happened  again.  Over  the  next  three 
days,  I  saw  that  the  cause  was  a  pro¬ 
cedure  he  had  written,  buried  deep  in 
several  layers  of  programming.  That 
procedure  queried  the  table  of  em¬ 
ployee  information,  and  if  the  query 
revealed  that  the  developer’s  own 
Social  Security  number  wasn't  present 
or  that  his  ‘active’  status  was  ’N,'  the 


program  was  told  to  abort.  He  offered 
to  update  the  procedure  to  look  for 
my  SSN.  I  declined  -  and  understood 
then  what  ’for  cause’  meant.” 

Your  Tax  Dollars 
At  Work 

IT  manager  at  this  government 
agency  decides  to  test  80,000  pages 
destined  for  the  agency’s  website  to 


make  sure  they  don’t  contain  any  text 
that  a  screen  reader  can’t  read,  so 
he  hires  a  pricey  consultant  to  check 
each  page  in  a  browser,  reports  a 
pilot  fish  on  the  scene.  “When  l  asked 
my  boss  why  he  had  selected  an 
enterprise  data  architecture  analyst 
to  do  this  job,  he  said,  ‘I  wanted  the 
best.’  I  think  he  hired  the  most  expen¬ 
sive  one  on  a  list  of  consultants,”  fish 
says.  “Though  it  wasted  a  fortune  in 
tax  money  and  delayed  deployment 
by  a  whole  month,  it  wasn’t  all  bad. 
The  consultant  himself  was  an  OK 
guy.  He  knew  my  program  had  gener¬ 
ated  the  pages  he  was  checking  and 
that  they  were  all  clean.  But  he  smiled 
as  he  dutifully  opened  each  one  in 
Firefox,  saying  it  was  the  easiest  gig 
he’s  ever  had.” 

What  Do  We  Need 
Them  For? 

This  consultant  pilot  fish  is  redesigning 
the  website  user  interface  for  a  big 
investment  firm.  “I  was  in  the  planning 
meeting,  and  l  mentioned  that  we 
should  interview  and  pick  the  brains 
of  some  of  their  key  users  so  we  would 
have  a  solid  design,”  says  fish.  “The 
senior  business  sponsor  said  that  we 
wouldn’t  need  to  talk  to  users  because 
the  business  already  knew  what 
was  needed.  It  was  a  meeting  with  a 
dozen  key  players,  so  I  felt  a  need  to 
stress  that  it  would  be  a  good  idea  to 
employ  a  user-centered  design  to  bet¬ 
ter  ensure  a  favorable  outcome.  The 
business  sponsor  looked  me  in  the  eye 
and  said,  'There  are  other  ways  to  do 
user-centered  design  than  bothering 
with  actual  clients.’  ” 
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THE  GREAT  RECESSION  is  hopefully  now  behind  us,  but  its  effects 
will  be  with  us  for  eternity.  That’s  because  the  recession  fundamen¬ 
tally  changed  how  people  think  about  the  world,  in  two  ways. 

First,  it  focused  a  harsh  spotlight  on  the  quality  of  decision-making 


in  the  modern  enterprise.  Second,  and  probably 
more  significantly,  it  called  into  question  the 
legitimacy  of  the  leaders  making  those  decisions. 
Martin  Wolf,  associate  editor  at  the  Financial 
Times,  summed  up  the  whole  tragic  scenario  when 
he  said  that  most  people  “no  longer  believe  that 
[executives]  know  what  they  are  doing.” 

The  only  way  we  can  win  back  the  trust  of 
those  we  would  lead,  those  who  would  buy  from 
us  and  those  who  would  invest  in  us  is  to  become 
data-based  leaders.  Organizations  that  do  not 
embrace  the  realities  of  big  data,  employ  the  ser¬ 
vices  of  data  scientists  and  banish  data-challenged 
CEOs  will  fail,  and  fail  quickly. 

An  important  potential  first  step  on  the  path 
to  resuscitating  trust  in  leadership  is  to  ascer¬ 
tain  where  your  CEO  stands  vis-a-vis  data-based 
leadership.  I  was  very  surprised  to  discover  on  the 
blog  of  Ben  Horowitz,  who  with  Marc  Andreessen 
is  co-founder  and  general  partner  of  the  venture 
capital  firm  Andreessen  Horowitz,  the  following 
evaluation  of  CEO  decision-making: 

“Every  decision  that  a  CEO  makes  is  based  on 
incomplete  information.  In  fact,  at  the  time  of  the 
decision,  the  CEO  will  generally  have  less  than 
10%  of  the  information  typically  present  in  the 
ensuing  Harvard  Business  School  case  study.” 

As  a  student  of  management,  I  will  be  the  first 
to  agree  that  it  is  a  rare  occurrence  for  a  decision 
to  be  made  with  full  certainty  and  100%  of  the 
information  required.  But  I  differ  violently  with 
Horowitz  when  he  celebrates  the  courage  of 
CEOs  who  make  decisions  under  circumstances 
of  90%  ignorance.  That  is  not  leadership.  That  is 
sloth.  These  are  CEOs  who  are  too  lazy  or  too  self- 


reverential  to  do  the  hard  work  required  to  gather 
the  data  that  would  inform  a  prudent  decision. 

Today,  making  decisions  without  data  is  inex¬ 
cusable,  if  not  anachronistic  —  it’s  inconsistent 
with  realities  of  the  present  day  or  the  big- 
data  future  toward  which  we  are  hurtling.  Reid 
Hoffman,  the  executive  chairman  and  co-founder 
of  Linkedln  and  a  partner  at  venture  capital  firm 
Greylock  Partners,  told  the  tribal  elders  of  Silicon 
Valley  that  he  believes  the  next  big  thing  —  the 
real  meat  in  the  hype  sandwich  called  Web  3.0  — 
will  be  data. 

My  research  supports  Hoffman’s  forecast.  Post- 
Great  Recession,  I  have  been  going  door  to  door  in 
the  nation’s  C-suites  seeking  to  assemble  a  compos¬ 
ite  take  on  enterprise  decision-making.  Several  en¬ 
vironmental  truths  have  emerged.  And  Truth  No.  1 
is  that  sometime  between  Bernie  Madoff  going  to 
jail  and  the  U.S.  government  bailing  out  the  banks, 
the  world  rediscovered  data.  The  world  is  awash  in 
data.  Everyone  is  a  data  user  and  creator.  Everyone 
emits  a  trail  of  digital  exhaust  that  is  machine- 
readable  and  algorithmically  analyzable. 

But  not  everyone  is  a  data  scientist.  And  every 
organization  needs  one. 

While  data  has  been  exploding  around  us, 
another,  less-commented-upon  phenomenon  has 
occurred:  A  select  group  of  professionals  skilled 
in  obtaining,  scrubbing,  exploring,  modeling 
and  interpreting  data  has  set  up  shop  in  high- 
performance  organizations.  These  are  data  scien¬ 
tists,  creating  high-value  products  from  the  raw 
data  that  constitutes  the  digital  world  we  live  in. 

And  the  CEOs  who  deserve  to  lead  are  creating 
a  space  in  the  enterprise  for  them.  ♦ 
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